Posts by Rafael França

The new HTML sanitizer in Rails 4.2

The article below was originally written by Kasper Timm Hansen (@kaspth on GitHub & Twitter) about his work during the Google Summer of Code 2013. Kasper and I worked a lot on changing the underlying implementation of the sanitize helper to give Rails developers a more robust, faster and more secure solution to sanitize user input. This … »

Bootstrap 3 support for Simple Form

We just released Simple Form 3.1.0.rc1 with support for Bootstrap 3. To make it possible, we leveled up the Wrapper API to make it more extensible and to allow developers to directly configure it instead of relying on global state. After such improvements, it was very easy to change the Simple Form configuration to work … »

XSS vulnerability on Simple Form

There is an XSS vulnerability in Simple Form’s label, hint and error options. Fixed versions: 3.0.1, 2.1.1

Using Boxen for automating our development setup

Rafael França shows how Plataformatec manages the development setup using Boxen, a tool created on top of Puppet to automate machine setups.

About the composed_of removal

In this post we talk about the motivation for the composed_of removal in Rails 4.0 and the possible replacements.

SimpleForm 2.0 + Bootstrap: for you with love

The Carnival is over in Brazil but we are still partying at Plataformatec by bringing you, not a small bump, but a shiny new version: Simple Form 2.0. Simple Form 2.0 features a new wrapper API which makes it very flexible and easy to integrate with CSS frameworks like Twitter Bootstrap.