Sanitize_params + whiteList


#1

Hi all,

I just installed whiteList and sanitize_params plugins to get rid of
with some bad html tags …

Put in my environment.rb:
config.plugins = [:white_list, :sanitize_params, :all]

and in application.rb:
before_filter :sanitize_params

add ok tags to config/initializers/whitelist_conf.rb
WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

but all the tags from the text fields are stripped. Am I missing
something?
THx P.


#2

Anyone?


#3

hi,
what about to put

WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

into app/helpers/application_helper.rb ?

instead of config/…

tom

Petan C. wrote:

add ok tags to config/initializers/whitelist_conf.rb
WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

but all the tags from the text fields are stripped. Am I missing
something?
THx P.

Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache

www.meinlschmidt.com www.maxwellrender.cz www.lightgems.cz


#4

Hi Tom,

I’ve moved the whitelistHelper tag to application_helper.rb, but it
still strips all the tags. :frowning:

Thx, Pete

Tom Z Meinlschmidt wrote:

hi,
what about to put

WhiteListHelper.tags += %w(a em p strong blockquote h2 ul li)

into app/helpers/application_helper.rb ?

instead of config/…

tom