Rails sanitize method is stripping my anchors


#1

Hi,

I have some html pages that are saved in DB and which require anchors
for quickly jumping inside the page. People can edit the page manually,
so in order to keep things clean I use Rails sanitize method to clean
the html before output. The problem is that it is stripping my anchors.

e.g:

Our Team

becomes

Our Team

How can I prevent sanitize from stripping the anchors? I have added "h2
id’ to config.action_view.sanitized_allowed_tags but it did not work.


#2

Fernando P. wrote:

Hi,

I have some html pages that are saved in DB and which require anchors
for quickly jumping inside the page. People can edit the page manually,
so in order to keep things clean I use Rails sanitize method to clean
the html before output. The problem is that it is stripping my anchors.

e.g:

Our Team

becomes

Our Team

How can I prevent sanitize from stripping the anchors? I have added "h2
id’ to config.action_view.sanitized_allowed_tags but it did not work.

By poking inside Rails’ source code, I have found that you can allow
attributes with for instance:
config.action_view.sanitized_allowed_attributes = ‘id’

This way now, I can allow to mix html and markdown for creating such
links.