class HTML::WhiteListSanitizer

def contains_bad_protocols?(attr_name, value)

def contains_bad_protocols?(attr_name, value)
  uri_attributes.include?(attr_name) &&
  (value =~ /(^[^\/:]*):|(&#0*58)|(&#x70)|(%|&#37;)3A/ && !allowed_protocols.include?(value.split(protocol_separator).first))
end

Instance Methods