HTML in imported email

Hi

I have a rails app that receives email and displays their bodies on a
single web page. My problem is that some of the emails are plain text
and others are HTML. The bodies of the HTML emails are displayed in
their textareas with all of the embedded HTML markup visible.

I’d like to render the bodies before I display each in its textarea, or
strip the markup out and simply dispay the content. I think
render_to_string() might do the trick, but it’s a Controller method and
I think I need it in either the ActionMailer when I’m reading the email
or in the View when I’m displaying the email.

Is there an existing way to render the HTML or strip out the markup when
I am importing the email or when I am displaying the email bodies?

Thanks

David

On 2/2/07, David U. [email protected] wrote:

render_to_string() might do the trick, but it’s a Controller method and
I think I need it in either the ActionMailer when I’m reading the email
or in the View when I’m displaying the email.

Is there an existing way to render the HTML or strip out the markup when
I am importing the email or when I am displaying the email bodies?

Thanks

David

I’d be very careful displaying HTML that you don’t generate. It is
trivial to embed javascript sniffers and other goodies that could
endanger your app. Check out the white_list plugin which allows
stripping certain html tags:

http://svn.techno-weenie.net/projects/plugins/white_list

Hope this helps.


Zack C.
http://depixelate.com

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs