Module ActionView::Helpers::SanitizeHelper


strip_tags(html)

Strips all HTML tags from the html, including comments. This uses the html-scanner tokenizer and so its HTML parsing ability is limited by that of html-scanner.

Examples

strip_tags("Strip <i>these</i> tags!")
# => Strip these tags!

strip_tags("<b>Bold</b> no more!  <a href='more.html'>See more here</a>...")
# => Bold no more!  See more here...

strip_tags("<div id='top-bar'>Welcome to my website!</div>")
# => Welcome to my website!
# File actionpack/lib/action_view/helpers/sanitize_helper.rb, line 83
def strip_tags(html)
  self.class.full_sanitizer.sanitize(html).try(:html_safe)
end

Outside a view, the helper can be called as ActionController::Base.helpers.strip_tags(html).

 
ERB::Util 
activesupport/lib/active_support/core_ext/string/output_safety.rb
html_escape(s)

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERB templates, use this method to escape any unsafe content. For example:

<%=h @person.name %>

Example:

puts html_escape("is a > 0 & a < 10?")
# => is a &gt; 0 &amp; a &lt; 10?
Also aliased as: h
# File activesupport/lib/active_support/core_ext/string/output_safety.rb, line 18
def html_escape(s)
  s = s.to_s
  if s.html_safe?
    s
  else
    s.gsub(/&/, "&amp;").gsub(/\"/, "&quot;").gsub(/>/, "&gt;").gsub(/</, "&lt;").html_safe
  end
end

ActionView::Helpers::JavaScriptHelper actionpack/lib/action_view/helpers/javascript_helper.rb
escape_javascript(javascript)

Escapes carriage returns and single and double quotes for JavaScript segments. Also available through the alias j(). This is particularly helpful in JavaScript responses, like:

$('some_element').replaceWith('<%=j render 'some/element_template' %>');
Also aliased as: j
# File actionpack/lib/action_view/helpers/javascript_helper.rb, line 19
def escape_javascript(javascript)
  if javascript
    result = javascript.gsub(/(\\|<\/|\r\n|[\n\r"'])/) {|match| JS_ESCAPE_MAP[match] }
    javascript.html_safe? ? result.html_safe : result
  else
    ''
  end
end
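
Each helper above encodes for one output context only, and html_escape as listed leaves the single quote untouched. The following added example (not Rails source and not part of the original page) copies the substitutions shown above into plain Ruby and reports which contexts each result is safe in; the contents of JS_ESCAPE_MAP, the html_escape_attr and safe_in? helpers, and the sample string are assumptions made for the illustration.

```ruby
# Added example (not Rails source): plain-Ruby copies of the page's escaping
# logic, html_safe bookkeeping omitted, checked against four output contexts.

# Assumption: the page does not show JS_ESCAPE_MAP; these are the standard
# JavaScript string escapes for the tokens the page's regex matches.
JS_ESCAPE_MAP = {
  '\\' => '\\\\', '</' => '<\/', "\r\n" => '\n', "\n" => '\n',
  "\r" => '\n', '"' => '\\"', "'" => "\\'"
}.freeze

# Same substitutions as html_escape above: & " > < (single quote untouched).
def html_escape_as_shown(s)
  s.to_s.gsub(/&/, "&amp;").gsub(/"/, "&quot;").gsub(/>/, "&gt;").gsub(/</, "&lt;")
end

# Hypothetical stricter variant for attribute values: also encodes '.
def html_escape_attr(s)
  html_escape_as_shown(s).gsub(/'/, "&#39;")
end

# Same regex as escape_javascript above.
def escape_js_as_shown(s)
  s.to_s.gsub(/(\\|<\/|\r\n|[\n\r"'])/) { |m| JS_ESCAPE_MAP[m] }
end

# True when +out+ holds no character that would end the given context.
def safe_in?(context, out)
  case context
  when :html_body then !out.match?(/[<>]/)
  when :attr_dq   then !out.include?('"')
  when :attr_sq   then !out.include?("'")
  when :js_string # drop backslash escapes, then look for terminators
    !out.gsub(/\\./m, "").match?(%r{['"\r\n]|</})
  end
end

CONTEXTS = [:html_body, :attr_dq, :attr_sq, :js_string].freeze
SAMPLE = %Q{Tim O'Reilly <b>"hi"</b>\nline2 & more}.freeze # constructed input

# Encode +value+ with each helper and test the result in every context.
def context_matrix(value)
  outputs = { html_escape: html_escape_as_shown(value),
              html_escape_attr: html_escape_attr(value),
              escape_javascript: escape_js_as_shown(value) }
  outputs.map { |name, out| [name, CONTEXTS.map { |c| [c, safe_in?(c, out)] }.to_h] }.to_h
end

context_matrix(SAMPLE).each { |name, row| puts "#{name}: #{row}" }
```

No single encoder passes every column: the HTML escapers fail inside a JavaScript string, and escape_javascript output is not safe to place in HTML markup.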

 


© Miclle.Zheng . Powered by Forest Chalet