From 4a3d8c7ae8f65ab55b62122e61c216b55c585040 Mon Sep 17 00:00:00 2001
From: Joerg Henning
Date: Fri, 1 Apr 2016 00:01:11 +0800
Subject: [PATCH] Remove sanitize() from model/base because clean code
---
 core/server/models/base/index.js | 5 -----
 core/server/models/post.js | 1 -
 core/server/models/settings.js | 11 -----------
 3 files changed, 17 deletions(-)
diff --git a/core/server/models/base/index.js b/core/server/models/base/index.js
index f7c6040c98..5228490bd2 100644
--- a/core/server/models/base/index.js
+++ b/core/server/models/base/index.js
@@ -13,7 +13,6 @@ var _ = require('lodash'),
 filters = require('../../filters'),
 moment = require('moment'),
 Promise = require('bluebird'),
- sanitizer = require('validator').sanitize,
 schema = require('../../data/schema'),
 utils = require('../../utils'),
 uuid = require('node-uuid'),
@@ -183,10 +182,6 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
 return proto.finalize.call(this, attrs);
 },
- sanitize: function sanitize(attr) {
- return sanitizer(this.get(attr)).xss();
- },
-
 // Get attributes that have been updated (values before a .save() call)
 updatedAttributes: function updatedAttributes() {
 return this._updatedAttributes || {};
diff --git a/core/server/models/post.js b/core/server/models/post.js
index ad640ba4ec..27bcbd5925 100644
--- a/core/server/models/post.js
+++ b/core/server/models/post.js
@@ -124,7 +124,6 @@ Post = ghostBookshelf.Model.extend({
 this.set('html', converter.makeHtml(this.get('markdown')));
 // disabling sanitization until we can implement a better version
- // this.set('title', this.sanitize('title').trim());
 title = this.get('title') || i18n.t('errors.models.post.untitled');
 this.set('title', title.trim());
diff --git a/core/server/models/settings.js b/core/server/models/settings.js
index dc80c3969f..706dfa6dfe 100644
--- a/core/server/models/settings.js
+++ b/core/server/models/settings.js
@@ -87,18 +87,7 @@ Settings = ghostBookshelf.Model.extend({
 return validation.validateActiveTheme(themeName);
 });
- },
-
- saving: function saving() {
- // disabling sanitization until we can implement a better version
- // All blog setting keys that need their values to be escaped.
- // if (this.get('type') === 'blog' && _.contains(['title', 'description', 'email'], this.get('key'))) {
- // this.set('value', this.sanitize('value'));
- // }
-
- return ghostBookshelf.Model.prototype.saving.apply(this, arguments);
 }
-
 }, {
 findOne: function (options) {
 // Allow for just passing the key instead of attributes