Typing text messages in Rails

What's the preferred way to handle user input with rich text in Rails? Markdown looks useful, but I haven't found an editor that looks simple to customize, and I'm not sure how to handle the HTML sanitization (the helper sanitize still seems to resolve things like </div>, which breaks my layout). I would like to ensure that the cleaned-up code is valid XHTML Strict.

+1




2 answers


I chose TinyMCE. This allows me to sanitize the returned HTML down to tags and attributes. See the documentation for the valid_elements parameter for details.

But be careful: this sanitization feature doesn't help if someone POSTs trash directly (without a browser, like using curl). I am using Tidy with a little help from TidyFFI to prevent problems like this.



(Sorry, no links because I am not allowed to host such malware;)

+1
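
The answer above notes that editor-side filtering such as valid_elements never sees a request sent straight to the server, so the allowlist has to be enforced again server-side. The following Ruby example is added here and is not code from the answer, TinyMCE or Tidy; the tag list and the name sanitize_rich_text are assumptions, it uses only the standard library, and it produces well-formed, balanced markup rather than DTD-validated XHTML Strict.

```ruby
require 'cgi'

# Assumed allowlist for this example: structural tags only, never attributes.
ALLOWED_TAGS = %w[p strong em ul ol li blockquote].freeze
VOID_TAGS    = %w[br].freeze
TAG_RE       = %r{<(/?)([a-zA-Z][a-zA-Z0-9]*)\b[^<>]*>}

# Server-side pass over untrusted HTML, applied whatever the editor claims to
# have filtered. The output consists only of escaped text and allowlisted,
# attribute-free, balanced tags.
def sanitize_rich_text(html)
  src   = html.to_s
  out   = +''
  stack = []   # currently open allowlisted elements
  pos   = 0
  src.scan(TAG_RE) do |closing, name|
    m = Regexp.last_match
    out << CGI.escapeHTML(src[pos...m.begin(0)])   # text between tags is escaped
    pos  = m.end(0)
    name = name.downcase
    if VOID_TAGS.include?(name)
      out << "<#{name} />" if closing.empty?
    elsif !ALLOWED_TAGS.include?(name)
      next                                         # tag dropped, its text stays escaped
    elsif closing.empty?
      stack.push(name)
      out << "<#{name}>"                           # attributes are never copied
    elsif stack.include?(name)
      # close anything still open inside the element being closed
      out << "</#{stack.pop}>" until stack.last == name
      out << "</#{stack.pop}>"
    end                                            # stray closing tag: dropped
  end
  out << CGI.escapeHTML(src[pos..-1])
  out << "</#{stack.pop}>" until stack.empty?      # close what the input left open
  out
end

if __FILE__ == $PROGRAM_NAME
  # Constructed input, as a direct POST could deliver it.
  puts sanitize_rich_text('Hi</div><p onclick="x()">one<br>two')
end
```

In a Rails application a parser-based sanitizer should do this job; the example only shows which properties the server-side step has to guarantee.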




From this thread comes the editor in the Yahoo UI library - it's a good solution. Always use the search function first! :)



+1








