module PreventCrossSiteScripting
Constants
- VERSION
Public Instance Methods
cross_site_scripting_validation(*attributes, msg: nil)
click to toggle source
Your code goes hereā¦
# File lib/prevent_cross_site_scripting.rb, line 5 def cross_site_scripting_validation(*attributes, msg: nil) validate do attributes.each do |attribute| self.errors[attribute] << ((msg.present?) ? msg : "Html tags dosen't allowed ") if (attribute != Nokogiri::HTML(attribute).text) end end end