I''ve used this before and found it to be flexible enough. It includes
a
number of out-of-box configurations to enable removal of all or just some
tags or allows you to create your own.
https://github.com/rgrove/sanitize/
On Thu, Jul 28, 2011 at 11:52 PM, Jan Marquardt
<janno-R+7h4gkPAorrZ44/DZwexQ@public.gmane.org> wrote:
> Hi mates,
>
> I''ve hit a problem and hope for some advices.
>
> I am developing a blog for my family and I want to provide the opportuniy
> that everyone may format his blog posts. After some research I found
> RedCloth. It seems that it does exactly what I want, but for output i need
> to use the raw helper.
>
> <%= raw RedCloth.new(post.content) %>
>
> But this also allows them to use HTML in their posts. What is the best
> practice to prevent the usage of HTML and sanitize the content in this
case?
> Is there any plugin for achiving this?
>
> I''d be thankful for any help.
>
> Kind regards,
>
> Jan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Talk" group.
> To post to this group, send email to
rubyonrails-talk@googlegroups.**com<rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org>
> .
> To unsubscribe from this group, send email to
>
rubyonrails-talk+unsubscribe@**googlegroups.com<rubyonrails-talk%2Bunsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org>
> .
> For more options, visit this group at http://groups.google.com/**
>
group/rubyonrails-talk?hl=en<http://groups.google.com/group/rubyonrails-talk?hl=en>
> .
>
>
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.