How to sanitize data (remove html tags) before saving a record?

I was wondering if Rails3 had an easy way to remove html tags from the input data before saving it in the database.

Right now the data is sanitized on the view level by HAML. JS doesn't get executed and stuff, but I'd like to completely remove potentially harmful data.

Basically, my question is: is there a helper I could use in a before_save filter to safely strip the tags out?


I'm using sanitize for this job, which is based on Nokogiri. It is simpler to use, because you don't have to access view helpers in your model.


I believe what you are looking for is the sanitize helper.
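
The before_save approach asked about above, as an added example that is not part of the original thread. It is a plain-Ruby sketch: `Comment`, `TagStripper` and `strip_markup` are hypothetical names, and the small scanner stands in for the sanitize gem or the Rails sanitize helper named in the answers so that the code runs without gems.

```ruby
# Added example, plain Ruby. TagStripper is a constructed stand-in for a real sanitizer.
module TagStripper
  # Elements whose text content is code, not prose: drop it with the tag.
  DROP_WITH_CONTENT = %w[script style].freeze
  # Single pass with no re-scanning, so nested tricks cannot reassemble a tag.
  def self.strip(input)
    s = input.to_s
    out = +""
    i = 0
    while i < s.length
      lt = s.index("<", i)
      return out << s[i..] if lt.nil?       # no more tags
      out << s[i...lt]
      gt = s.index(">", lt)
      return out if gt.nil?                 # unterminated tag: drop the rest
      name = s[lt + 1...gt][/\A[a-zA-Z][a-zA-Z0-9]*/].to_s.downcase
      i = gt + 1
      next unless DROP_WITH_CONTENT.include?(name)
      i = s.index(/<\/#{name}\b/i, i)       # resume at the closing tag
      return out if i.nil?                  # never closed: drop the rest
    end
    out
  end
end

# Hypothetical model. In Rails it would inherit from ActiveRecord::Base
# and declare `before_save :strip_markup` instead of calling it in #save.
class Comment
  STRIPPED_FIELDS = %i[title body].freeze
  attr_accessor(*STRIPPED_FIELDS)

  def initialize(title:, body:)
    @title, @body = title, body
  end

  def save
    strip_markup
    true # persistence omitted in this sketch
  end

  private
  def strip_markup
    STRIPPED_FIELDS.each do |field|
      value = public_send(field)
      public_send("#{field}=", TagStripper.strip(value)) unless value.nil?
    end
  end
end
```

The scanner errs toward removal: a bare `<` in ordinary text (for example `1 < 2`) is treated as the start of a tag, and the stored value never contains `<`. Escaping at the view level, as HAML already does on this page, still applies to whatever is stored.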
