Forum supports some-html

Hi there,

I have a forum which allows users to post comments.
For security reasons, when a user submits a new post, I will use h() to escape any html or javascript code.

Is there any function like h(), which will escape most of the html/javascript code, but also keep some basic html elements like , , … so that users can post comments with some-html?
Thanks.

Gary

“Gary L.” writes:

Hi there,

I have a forum which allows users to post comments.
For security reasons, when a user submits a new post, I will use h() to escape any html or javascript code.

Is there any function like h(), which will escape most of the html/javascript code, but also keep some basic html elements like , , … so that users can post comments with some-html?

sanitize


Surendra S.
http://ssinghi.kreeti.com, http://www.kreeti.com
Read my blog at: http://cuttingtheredtape.blogspot.com/
,----
| “All animals are equal, but some animals are more equal than others.”
| – Orwell, Animal Farm, 1945
`----
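
The reply above points to Rails' `sanitize` helper. As an added example (not code from this thread, and not how Rails implements `sanitize`), here is the allowlist idea in plain Ruby: escape everything as `h()` does, then restore only exact, attribute-free tags. The method name `some_html` and the tag list are assumptions chosen for illustration.

```ruby
require "cgi"

# Hypothetical allowlist for this example: attribute-free inline tags only.
ALLOWED_TAGS = %w[b i em strong u code].freeze

# Escaped form of a bare allowlisted tag, e.g. "&lt;b&gt;" or "&lt;/em&gt;".
# Anything carrying attributes (onclick=, style=, href=) can never match.
ESCAPED_TAG = /&lt;(\/?)(#{ALLOWED_TAGS.join("|")})&gt;/i

def some_html(input)
  open_tags = []

  # Step 1: escape everything, exactly as h() would.
  escaped = CGI.escapeHTML(input.to_s)

  # Step 2: restore only exact, attribute-free allowlisted tags.
  out = escaped.gsub(ESCAPED_TAG) do
    closing = !$1.empty?
    name    = $2.downcase
    if !closing
      open_tags.push(name)
      "<#{name}>"
    elsif open_tags.last == name
      open_tags.pop
      "</#{name}>"
    else
      $& # stray or mis-nested closing tag stays escaped
    end
  end

  # Step 3: close whatever is still open so one comment cannot
  # restyle the rest of the page.
  out + open_tags.reverse.map { |t| "</#{t}>" }.join
end

# Constructed sample comments.
if __FILE__ == $PROGRAM_NAME
  puts some_html("<b>bold</b> and <script>alert(1)</script>")
  puts some_html('<b onclick="x()">hi</b>')
  puts some_html("<i>never closed")
end
```

Because the input is fully escaped before anything is restored, a tag that is not a byte-for-byte match for an allowlisted bare tag is rendered as text rather than markup.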
