i believe redcloth will sanitize for you (if i recall correctly) so
you don''t need h(). You may have to pass a flag, but the source
should make it clear.
pt.
pt.
On 5/11/06, Lindsay Boyd <lindsay.boyd@ntlworld.com>
wrote:> If a user enters the Textile-based code for an image, say:
>
> !>graphic.png!
>
> the textile() method will successfully render a right-float image. Now,
> if I want to escape the user''s text using h(), the
''>'' is turned into an
> &. Obviously, the image then fails to render in a browser. Is there
> a work around for this?
>
> I guess what I''m really asking is: is there a way to allow the
user to
> have limited ability to embed HTML in a view, and can Textile still be
> used as a friendly way to encode the HTML?
>
> -Lindsay
>
> --
> Posted via http://www.ruby-forum.com/.
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
--
Parker Thompson
http://www.parkert.com/
510.541.0125