Remove sanitize() from model/base because clean code

This commit is contained in:
Joerg Henning 2016-04-01 00:01:11 +08:00
parent 5f8ef26eb3
commit 4a3d8c7ae8
3 changed files with 0 additions and 17 deletions

View File

@ -13,7 +13,6 @@ var _ = require('lodash'),
filters = require('../../filters'),
moment = require('moment'),
Promise = require('bluebird'),
sanitizer = require('validator').sanitize,
schema = require('../../data/schema'),
utils = require('../../utils'),
uuid = require('node-uuid'),
@ -183,10 +182,6 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
return proto.finalize.call(this, attrs);
},
sanitize: function sanitize(attr) {
return sanitizer(this.get(attr)).xss();
},
// Get attributes that have been updated (values before a .save() call)
updatedAttributes: function updatedAttributes() {
return this._updatedAttributes || {};

View File

@ -124,7 +124,6 @@ Post = ghostBookshelf.Model.extend({
this.set('html', converter.makeHtml(this.get('markdown')));
// disabling sanitization until we can implement a better version
// this.set('title', this.sanitize('title').trim());
title = this.get('title') || i18n.t('errors.models.post.untitled');
this.set('title', title.trim());

View File

@ -87,18 +87,7 @@ Settings = ghostBookshelf.Model.extend({
return validation.validateActiveTheme(themeName);
});
},
saving: function saving() {
// disabling sanitization until we can implement a better version
// All blog setting keys that need their values to be escaped.
// if (this.get('type') === 'blog' && _.contains(['title', 'description', 'email'], this.get('key'))) {
// this.set('value', this.sanitize('value'));
// }
return ghostBookshelf.Model.prototype.saving.apply(this, arguments);
}
}, {
findOne: function (options) {
// Allow for just passing the key instead of attributes