I've used this before and found it to be flexible enough. It includes a number of out-of-box configurations to enable removal of all or just some tags or allows you to create your own.
https://github.com/rgrove/sanitize/ On Thu, Jul 28, 2011 at 11:52 PM, Jan Marquardt <[email protected]> wrote: > Hi mates, > > I've hit a problem and hope for some advices. > > I am developing a blog for my family and I want to provide the opportuniy > that everyone may format his blog posts. After some research I found > RedCloth. It seems that it does exactly what I want, but for output i need > to use the raw helper. > > <%= raw RedCloth.new(post.content) %> > > But this also allows them to use HTML in their posts. What is the best > practice to prevent the usage of HTML and sanitize the content in this case? > Is there any plugin for achiving this? > > I'd be thankful for any help. > > Kind regards, > > Jan > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to > rubyonrails-talk@googlegroups.**com<[email protected]> > . > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe@**googlegroups.com<rubyonrails-talk%[email protected]> > . > For more options, visit this group at http://groups.google.com/** > group/rubyonrails-talk?hl=en<http://groups.google.com/group/rubyonrails-talk?hl=en> > . > > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
