@bensie
Created February 18, 2009 15:10
Rails sanitize() method usage
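# config/environment.rb (Rails 2.x): add safe tags and attributes to the
# application-wide allowlist used by the sanitize method
Rails::Initializer.run do |config|
  config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td'
  # 'style' lets user-supplied markup carry inline CSS; allow it only if needed
  config.action_view.sanitized_allowed_attributes = 'id', 'class', 'style'
end

# In a view or helper: pass an explicit allowlist for a single call
tags = %w(a acronym b strong i em li ul ol h1 h2 h3 h4 h5 h6 blockquote br cite sub sup ins p)
s = sanitize(user_input, :tags => tags, :attributes => %w(href title))
# http://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#M001588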