I have a Project model and it has some text attributes, one is summary. I have some projects that have html tags in the summary and I want to convert that to plain text. I have this method that has a regex that will remove all html tags.
我有一个项目模型,它有一些文本属性,一个是summary。我有一些项目在摘要中有html标签我想把它转换成纯文本。我有一个具有regex的方法,它将删除所有html标记。
def strip_html_comments_on_data
self.attributes.each{|key,value| value.to_s.gsub!(/(<[^>]+>| |\r|\n)/,"")}
end
I also have a before_save filter
我还有一个before_save过滤器
before_save :strip_html_comments_on_data
The problem is that the html tags are still there after saving the project. What am I missing?
问题是在保存项目之后,html标记仍然存在。我缺少什么?
And, is there a really easy way to have that method called in all the models?
有没有一种很简单的方法可以在所有模型中调用这个方法?
Thanks,
谢谢,
Nicolás Hock Isaza
尼古拉斯典当Isaza
6 个解决方案
#1
44
untested
未测试的
include ActionView::Helpers::SanitizeHelper
def foo
sanitized_output = sanitize(html_input)
end
where html_input is a string containing HTML tags.
html_input是一个包含HTML标记的字符串。
EDIT
编辑
You can strip all tags by passing :tags=>[]
as an option:
您可以通过传递:tags=>[]作为一个选项来去除所有的标签:
plain_text = sanitize(html_input, :tags=>[])
plain_text =清洁(html_input:标签= >[])
Although reading the docs I see there is a better method:
虽然阅读文档我看到有更好的方法:
plain_text = strip_tags(html_input)
plain_text = strip_tags(html_input)
Then make it into a before filter per smotchkiss and you're good to go.
然后把它做成一个前滤镜,然后你就可以开始了。
#2
10
It would be better not to include view helpers in your model. Just use:
最好不要在模型中包含视图助手。只使用:
HTML::FullSanitizer.new.sanitize(text)
#3
3
Just use the strip_tags() text helper as mentioned by zetetic
只需使用zetetic提到的strip_tags()文本帮助器
#4
1
First, the issue here is that Array#each
returns the input array regardless of the block contents. A couple people just went over Array#each
with me in a question I asked: "Return hash with modified values in Ruby".
首先,这里的问题是,数组#返回输入数组,而与块内容无关。有几个人刚刚和我一起讨论了数组#,我问了一个问题:“返回带有Ruby修改值的散列”。
Second, Aside from Array#each
not really doing what you want it to here, I don't think you should be doing this anyway. Why would you need to run this method over ALL the model's attributes?
其次,除了#数组之外,我不认为你应该这样做。为什么需要在模型的所有属性上运行这个方法?
Finally, why not keep the HTML input from the users and just use the standard h()
helper when outputting it?
最后,为什么不保留用户的HTML输入,并在输出时使用标准的h()帮助器呢?
# this will output as plain text
<%=h string_with_html %>
This is useful because you can view the database and see the unmodified data exactly as it was entered by the user (if needed). If you really must convert to plain text before saving the value, @zetetic's solution gets you started.
这是有用的,因为您可以查看数据库并查看未经修改的数据(如果需要的话)。如果您真的必须在保存值之前转换为纯文本,那么@zetetic的解决方案就可以开始了。
include ActionView::Helpers::SanitizeHelper
class Comment < ActiveRecord::Base
before_save :sanitize_html
protected
def sanitize_html
self.text = sanitize(text)
end
end
#5
1
Reference Rails' sanitizer directly without using includes.
参考Rails的消毒剂直接使用,不使用include。
def text
ActionView::Base.full_sanitizer.sanitize(html).html_safe
end
NOTE: I appended .html_safe to make HTML entities like
render correctly. Don't use this if there is a potential for malicious JavaScript injection.
注意:我附加了.html_safe,以使HTML实体如和。正确地呈现。如果有恶意JavaScript注入的可能性,不要使用这个。
#6
0
If you want to remove
along with html tags, nokogiri can be used
如果你想要删除除了html标签,还可以使用nokogiri
include ActionView::Helpers::SanitizeHelper
def foo
sanitized_output = strip_tags(html_input)
Nokogiri::HTML.fragment(sanitized_output)
end
#1
44
untested
未测试的
include ActionView::Helpers::SanitizeHelper
def foo
sanitized_output = sanitize(html_input)
end
where html_input is a string containing HTML tags.
html_input是一个包含HTML标记的字符串。
EDIT
编辑
You can strip all tags by passing :tags=>[]
as an option:
您可以通过传递:tags=>[]作为一个选项来去除所有的标签:
plain_text = sanitize(html_input, :tags=>[])
plain_text =清洁(html_input:标签= >[])
Although reading the docs I see there is a better method:
虽然阅读文档我看到有更好的方法:
plain_text = strip_tags(html_input)
plain_text = strip_tags(html_input)
Then make it into a before filter per smotchkiss and you're good to go.
然后把它做成一个前滤镜,然后你就可以开始了。
#2
10
It would be better not to include view helpers in your model. Just use:
最好不要在模型中包含视图助手。只使用:
HTML::FullSanitizer.new.sanitize(text)
#3
3
Just use the strip_tags() text helper as mentioned by zetetic
只需使用zetetic提到的strip_tags()文本帮助器
#4
1
First, the issue here is that Array#each
returns the input array regardless of the block contents. A couple people just went over Array#each
with me in a question I asked: "Return hash with modified values in Ruby".
首先,这里的问题是,数组#返回输入数组,而与块内容无关。有几个人刚刚和我一起讨论了数组#,我问了一个问题:“返回带有Ruby修改值的散列”。
Second, Aside from Array#each
not really doing what you want it to here, I don't think you should be doing this anyway. Why would you need to run this method over ALL the model's attributes?
其次,除了#数组之外,我不认为你应该这样做。为什么需要在模型的所有属性上运行这个方法?
Finally, why not keep the HTML input from the users and just use the standard h()
helper when outputting it?
最后,为什么不保留用户的HTML输入,并在输出时使用标准的h()帮助器呢?
# this will output as plain text
<%=h string_with_html %>
This is useful because you can view the database and see the unmodified data exactly as it was entered by the user (if needed). If you really must convert to plain text before saving the value, @zetetic's solution gets you started.
这是有用的,因为您可以查看数据库并查看未经修改的数据(如果需要的话)。如果您真的必须在保存值之前转换为纯文本,那么@zetetic的解决方案就可以开始了。
include ActionView::Helpers::SanitizeHelper
class Comment < ActiveRecord::Base
before_save :sanitize_html
protected
def sanitize_html
self.text = sanitize(text)
end
end
#5
1
Reference Rails' sanitizer directly without using includes.
参考Rails的消毒剂直接使用,不使用include。
def text
ActionView::Base.full_sanitizer.sanitize(html).html_safe
end
NOTE: I appended .html_safe to make HTML entities like
render correctly. Don't use this if there is a potential for malicious JavaScript injection.
注意:我附加了.html_safe,以使HTML实体如和。正确地呈现。如果有恶意JavaScript注入的可能性,不要使用这个。
#6
0
If you want to remove
along with html tags, nokogiri can be used
如果你想要删除除了html标签,还可以使用nokogiri
include ActionView::Helpers::SanitizeHelper
def foo
sanitized_output = strip_tags(html_input)
Nokogiri::HTML.fragment(sanitized_output)
end