Forum: Ruby on Rails sanitize_params + whiteList

Petan C. (Guest)
on 2009-05-01 16:26
Hi all,

I just installed the whiteList and sanitize_params plugins to get rid of
some bad HTML tags .....

Put in my environment.rb:
config.plugins = [:white_list, :sanitize_params, :all]

and in application.rb:
before_filter :sanitize_params

add ok tags to config/initializers/whitelist_conf.rb
WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

but all the tags from the text fields are stripped. Am I missing
something?
Thx, P.
Petan C. (Guest)
on 2009-05-07 23:49
Anyone?
Tom Z Meinlschmidt (Guest)
on 2009-05-08 00:30
(Received via mailing list)
hi,
what about putting

WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

into app/helpers/application_helper.rb ?

instead of config/...

tom

Petan C. wrote:
>
> add ok tags to config/initializers/whitelist_conf.rb
> WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)
>
> but all the tags from the text fields are stripped. Am I missing
> something?
> Thx, P.


--
===============================================================================
Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache

www.meinlschmidt.com  www.maxwellrender.cz  www.lightgems.cz
===============================================================================
Petan C. (Guest)
on 2009-05-08 11:41
Hi Tom,

I've moved the WhiteListHelper tag to application_helper.rb, but it
still strips all the tags. :(

Thx, Pete



Tom Z Meinlschmidt wrote:
> hi,
> what about putting
>
> WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)
>
> into app/helpers/application_helper.rb ?
>
> instead of config/...
>
> tom