sanitizing html tags (content)

Aljaz Fajmut

Hello,

I have a variable which holds the following html code:

<object width="425" height="344"><param name="movie"
value="
"></param><param
name="allowFullScreen" value="true"></param><param
name="allowscriptaccess" value="always"></param><embed
src="
"
type="application/x-shockwave-flash" allowscriptaccess="always"
allowfullscreen="true" width="425" height="344"></embed></object>
<span>some text<a href="..">link</a> .. </span>


Now I'd like to process it so that everything would be stripped except
object/param/embed tags (span tag and its content should be removed).

What is the best way to accomplish that?

I've installed sanitize gem but it won't allow me to strip/remove content
inside html tags as well.

I thought of regex but I'm unsure about this.

Many thanks for help!
 
Tim Pease

> Hello,
>
> I have a variable which holds the following html code:
>
> <object width="425" height="344"><param name="movie"
> value="
> "></param><param
> name="allowFullScreen" value="true"></param><param
> name="allowscriptaccess" value="always"></param><embed
> src="
> "
> type="application/x-shockwave-flash" allowscriptaccess="always"
> allowfullscreen="true" width="425" height="344"></embed></object>
> <span>some text<a href="..">link</a> .. </span>
>
> Now I'd like to process it so that everything would be stripped except
> object/param/embed tags (span tag and its content should be removed).
>
> What is the best way to accomplish that?
>
> I've installed sanitize gem but it won't allow me to strip/remove
> content inside html tags as well.
>
> I thought of regex but I'm unsure about this.
>
> Many thanks for help!

Have a look at nokogiri. It will parse the HTML for you and you can
then tinker with it as you please. After you're done, just write it
back out as a string.

Blessings,
TwP
 
Mike Dalessio

[Note: parts of this message were removed to make it a legal post.]

On Oct 22, 2009, at 12:03 PM, Aljaz Fajmut wrote:

Hello,
Please don't use regexes. Think of the children!

Instead, try Loofah, which is based on Nokogiri and has some nice
sanitization helpers:

http://loofah.rubyforge.org/

Good luck!
 
