From 2ab08ef21db5d7f5de2c4cfce17d289667225059 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Hanol?= Date: Fri, 22 Mar 2013 12:32:56 +0100 Subject: [PATCH] FIX: OpenGraph tags not fully sanitized --- lib/summarize.rb | 7 ++++--- spec/components/summarize_spec.rb | 5 +++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/summarize.rb b/lib/summarize.rb index f0ff2bb65d3..d1d1b8cb087 100644 --- a/lib/summarize.rb +++ b/lib/summarize.rb @@ -1,9 +1,10 @@ # Summarize a HTML field into regular text. Used currently # for meta tags -class Summarize - include ActionView::Helpers +require 'sanitize' +class Summarize + def initialize(text) @text = text end @@ -15,7 +16,7 @@ class Summarize def summary return nil if @text.blank? - result = sanitize(@text, tags: [], attributes: []) + result = Sanitize.clean(@text) result.gsub!(/\n/, ' ') result.strip! diff --git a/spec/components/summarize_spec.rb b/spec/components/summarize_spec.rb index 448671efecd..d0f502dde1d 100644 --- a/spec/components/summarize_spec.rb +++ b/spec/components/summarize_spec.rb @@ -15,6 +15,11 @@ describe Summarize do Summarize.new("hello robin").summary.should == "hello robin" end + it "removes doctype entries" do + # this is not valid html but this is just testing DOCTYPE entries + Summarize.new("Discourse").summary.should == "Discourse" + end + it "strips leading and trailing space" do Summarize.new("\t \t hello \t ").summary.should == "hello" end
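Review bot: The new `require 'sanitize'` at the top of lib/summarize.rb makes the sanitizer a third-party gem, and this patch touches only two files, so nothing here shows where that gem is declared or pinned. The output of `summary` now depends on that gem's default configuration, so I would confirm the Gemfile carries it with a version constraint and say so beside the require, e.g. `# sanitize gem: default config removes all elements; version is pinned in the Gemfile`. Dropping `include ActionView::Helpers` also removes every view helper from the class. The class body continues outside both hunks, so it is worth checking that nothing there still calls one.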
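Review bot: `Sanitize.clean(@text)` returns an HTML fragment rather than plain text, so on the new line `result` still holds entity-escaped characters (`&` comes back as `&amp;`), and as far as I know double quotes in text are left unescaped. The file header says the summary feeds meta tags, so whichever template writes it into a `content` attribute has to encode it exactly once; that code is not part of this patch. I would state the contract above `summary`, e.g. `# Returns an HTML fragment with all tags removed (entities kept); the caller encodes it for attribute context`. Under the default config the text inside removed `script` and `style` elements may also survive as plain text; if that is unwanted, the gem's `:remove_contents` option is the place to handle it. The method body continues past the end of the hunk.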
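Review bot: The only regression test added for this sanitization fix is the DOCTYPE case, whose own comment concedes the input is not valid HTML. Nothing in the hunk pins what `summary` returns for markup that carries attributes, or for characters that matter inside a meta tag attribute. I would add a case such as `Summarize.new("<a href='http://example.com'>hello</a>").summary.should == "hello"`, plus one with `&` and a double quote in the text whose expected value is taken from the sanitizer's real output, unless specs outside the hunk already cover them. The `describe` block starts and ends outside the hunk.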