Rails - May 2009 - sanitize_params + whiteList

Hi all,

I just installed whiteList and sanitize_params plugins to get rid of
with some bad html tags .....

Put in my environment.rb:
config.plugins = [:white_list, :sanitize_params, :all]

and in application.rb:
before_filter :sanitize_params

add ok tags to config/initializers/whitelist_conf.rb
WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

but all the tags from the text fields are stripped. Am I missing
something?
THx P.
-- 
Posted via http://www.ruby-forum.com/.

Anyone?

-- 
Posted via http://www.ruby-forum.com/.

hi,
what about to put

WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

into app/helpers/application_helper.rb ?

instead of config/...

tom

Petan Cert wrote:
> Hi all,
> 
> I just installed whiteList and sanitize_params plugins to get rid of
> with some bad html tags .....
> 
> Put in my environment.rb:
> config.plugins = [:white_list, :sanitize_params, :all]
> 
> and in application.rb:
> before_filter :sanitize_params
> 
> add ok tags to config/initializers/whitelist_conf.rb
> WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)
> 
> but all the tags from the text fields are stripped. Am I missing
> something?
> THx P.

-- 
==============================================================================Tomas
Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache

www.meinlschmidt.com  www.maxwellrender.cz  www.lightgems.cz
===============================================================================

Hi Tom,

I''ve moved the whitelistHelper tag to application_helper.rb, but it 
still strips  all the tags. :(

Thx, Pete



Tom Z Meinlschmidt wrote:
> hi,
> what about to put
> 
> WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)
> 
> into app/helpers/application_helper.rb ?
> 
> instead of config/...
> 
> tom

-- 
Posted via http://www.ruby-forum.com/.