Hello,
I want to let users place in textfield an iframe tag from google maps.
Sanitize cuts everything. I want to add some kind of rule to sanitize, so
it cuts js, but pass through an iframe from google maps and yandex maps
Tried to place in config config.action_view.sanitized_allowed_tags =
%w(''iframe'') . It didn''t help.
sample
<iframe width="650" height="300"
frameborder="0" scrolling="no"
marginheight="0" marginwidth="0"
src="maps.google.ru/maps/ms?hl=ru&gl=ru&ptab=2&ie=UTF8&oe=UTF8&msa=0&msid=217915074489641580339.0004929006f65793c1d47&t=h&source=embed&ll=55.823209,37.8167&spn=0.023998,0.037119&output=embed"></iframe>
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To view this discussion on the web visit
groups.google.com/d/msg/rubyonrails-talk/-/64WCQGWi180J.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
groups.google.com/group/rubyonrails-talk?hl=en.
In config/initializers/sanitizer.rb add: HTML::WhiteListSanitizer.allowed_tags << ''iframe'' On Mar 24, 9:56 am, Grigory Antonov <antono...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hello, > I want to let users place in textfield an iframe tag from google maps. > Sanitize cuts everything. I want to add some kind of rule to sanitize, so > it cuts js, but pass through an iframe from google maps and yandex maps > Tried to place in config config.action_view.sanitized_allowed_tags > %w(''iframe'') . It didn''t help. > sample > <iframe width="650" height="300" frameborder="0" scrolling="no" > marginheight="0" marginwidth="0" > src="maps.google.ru/maps/ms?hl=ru&gl=ru&ptab=2&ie=UTF8&;..."></iframe>-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at groups.google.com/group/rubyonrails-talk?hl=en.