On Sat, 12 Mar 2005 00:16:41 -0800, Ben Nolan <ben-tH0n/LiDeu9BWQWeTLFoew@public.gmane.org> wrote:
> What's the best way to sanitize your input for HTML content in rails?

This manual has some good info: http://manuals.rubyonrails.com/read/book/8

- johan

What's the best way to sanitize your input for HTML content in rails?
At the moment - it looks like I'd do something like add a bunch of
setters to the model - but surely that's wrong.
For example - add this to models/item.rb:
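  def description=(html)
    # Strip anything that looks like a tag, then store it as the description attribute
    write_attribute(:description, html.gsub(/<.+?>/, ""))
  end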
What's the correct way to do this?
Regards,
Ben
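
An added example, not part of the original thread: it runs the setter's regex over constructed inputs to show what it leaves behind and what it destroys, next to escaping at output time with Ruby's standard `ERB::Util.html_escape` (aliased as `h`). The function names and sample strings are made up for this illustration.

```ruby
require "erb"

# The regex from the setter in the post, pulled out so it can be tested alone.
STRIP_TAGS = /<.+?>/

# Input-time stripping, as in the post's description= setter.
def strip_tags_naive(html)
  html.gsub(STRIP_TAGS, "")
end

# Output-time escaping: store the text as entered, escape when rendering.
def escape_for_html(text)
  ERB::Util.html_escape(text)
end

# Constructed sample inputs (not taken from the thread).
SAMPLES = {
  plain:     "<b>bold</b> text",        # the case the regex was written for
  multiline: "<a\nhref='x'>link</a>",   # "." does not match a newline in Ruby
  unclosed:  "<b class='x'",            # no ">" here; later page markup can close it
  math:      "1 < 2 and 3 > 2"          # legitimate text that is not markup
}.freeze

# Returns one row per sample: [name, stripped, escaped].
def compare_all
  SAMPLES.map do |name, input|
    [name, strip_tags_naive(input), escape_for_html(input)]
  end
end

# True when the string still contains a raw "<" that a browser could parse as markup.
def raw_markup?(str)
  str.include?("<")
end

if __FILE__ == $PROGRAM_NAME
  compare_all.each do |name, stripped, escaped|
    puts "#{name}:"
    puts "  stripped: #{stripped.inspect} (raw '<' left: #{raw_markup?(stripped)})"
    puts "  escaped:  #{escaped.inspect} (raw '<' left: #{raw_markup?(escaped)})"
  end
end
```

Stripping leaves the multi-line and unclosed tags in place and eats the text between `<` and `>` in the arithmetic sentence; escaping at render time keeps the stored data intact and leaves no raw `<` in any of the four cases.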