I have some text columns where I would like many of the html commands available. I can insert tags in the field with no problem and it stays there. When I try to use the data like <%= @item.description %> I loose several of the tags. They do not work. Particularly the <ul> <ol> <li> tags. The <b> <i> tags work along with font and color. Are they being filtered out automatically? I am on rails 2.2.2. What do I need to do to get a column to display in the format specified. Ultimately I want to use one of the wysiwyg editors on the site, but If I can not get the output to display, it is of no use Thank you Don French --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Don French wrote:> I have some text columns where I would like many of the html commands > available. I can insert tags in the field with no problem and it stays > there. When I try to use the data like <%= @item.description %> I > loose several of the tags. They do not work. Particularly the <ul> > <ol> <li> tags. The <b> <i> tags work along with font and color. > > Are they being filtered out automatically?Not at all - if you put raw text in you should get raw text out. (Probably UTF-8...) How long is your description field? If it''s not a TEXT blob, it might truncate at 255. What do your unit tests say about the description field, and the view it constructs?> What do I need to do to get a column to display in the format > specified. Ultimately I want to use one of the wysiwyg editors on the > site, but If I can not get the output to display, it is of no useWe do it all the time. But just today I could not get a <li> to display its freaking list-style-type: disc for anything. Both Firefox and IE caught the bug. Maybe it''s a lunar phase thing, and you caught it too! -- Phlip --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
The column is a text type. I get <b> <i> but not <ol><li> The bullets are just left out. On Dec 13, 9:46 pm, Phlip <phlip2...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Don French wrote: > > I have some text columns where I would like many of the html commands > > available. I can insert tags in the field with no problem and it stays > > there. When I try to use the data like <%= @item.description %> I > > loose several of the tags. They do not work. Particularly the <ul> > > <ol> <li> tags. The <b> <i> tags work along with font and color. > > > Are they being filtered out automatically? > > Not at all - if you put raw text in you should get raw text out. (Probably UTF-8...) > > How long is your description field? If it''s not a TEXT blob, it might truncate > at 255. > > What do your unit tests say about the description field, and the view it constructs? > > > What do I need to do to get a column to display in the format > > specified. Ultimately I want to use one of the wysiwyg editors on the > > site, but If I can not get the output to display, it is of no use > > We do it all the time. > > But just today I could not get a <li> to display its freaking list-style-type: > disc for anything. Both Firefox and IE caught the bug. Maybe it''s a lunar phase > thing, and you caught it too! > > -- > Phlip--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On Mon, Dec 15, 2008 at 5:45 AM, Don French <dhf0820-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > The column is a text type. I get <b> <i> but not <ol><li> The bullets > are just left out."bullets" are a visual attribute of OL/LI defined by the page''s CSS; are you sure your style sheet isn''t overriding the default browser view, or causing the bullets to be hidden by another element? OTOH, if you can''t see the OL/LIs in a page via `view source` I think you''ll need to post some code. -- Hassan Schroeder ------------------------ hassan.schroeder-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
>> The column is a text type. I get <b> <i> but not <ol><li> The bullets >> are just left out.It sounds to me like your HTML is getting sanitized somewhere, which is actually a really good thing. Allowing raw HTML to be passed though from an input (textfield, textarea, etc.) and then displayed without being sanitized can lead to all sort of security problems. My recommendation would be to look into supporting Textile/Markdown in your input textarea and make sure you are properly sanitizing your HTML. Otherwise, you may leave yourself open to cross-site scripting or SQL injection attacks. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---