Drop-in Rails engine that patches link_to to block dangerous protocols (javascript:, data:, vbscript:) and provides a URL validator to prevent SSRF via private/local IP resolution.

Required Ruby Version

>= 3.1

Authors

mfo

Versions

  1. 0.1.2 April 15, 2026 (8 KB)
  2. 0.1.1 April 15, 2026 (8 KB)
  3. 0.1.0 April 15, 2026 (8 KB)

Pushed by

SHA 256 checksum