Class: Rails::Html::FullSanitizer

Inherits:
Sanitizer
  • Object
Defined in:
lib/rails/html/sanitizer.rb

Overview

Rails::Html::FullSanitizer

Removes all tags and, in addition, strips out scripts, forms and comments entirely, so their content does not appear in the returned text.

full_sanitizer = Rails::Html::FullSanitizer.new
full_sanitizer.sanitize("Bold no more! <a href='more.html'>See more here</a>...")
# => Bold no more! See more here...

Constant Summary

Constants inherited from Sanitizer

Sanitizer::VERSION

Instance Method Summary

Methods inherited from Sanitizer

full_sanitizer, link_sanitizer, white_list_sanitizer

Instance Method Details

#sanitize(html, options = {}) ⇒ Object



# File 'lib/rails/html/sanitizer.rb', line 25

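def sanitize(html, options = {})
  # nil input returns nil; an empty string is returned unchanged
  return unless html
  return html if html.empty?

  # Parse as a fragment, drop every node matched by XPATHS_TO_REMOVE,
  # then return only the text content of what is left
  Loofah.fragment(html).tap do |fragment|
    remove_xpaths(fragment, XPATHS_TO_REMOVE)
  end.text
end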
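
The two-step shape of `sanitize` above (remove whole subtrees, then take the text) next to a regex tag stripper, as an added example that is not code from rails-html-sanitizer. REXML stands in for Loofah; `ASSUMED_XPATHS`, `naive_strip`, `visible_text` and `structural_strip` are hypothetical names, the XPath list is an assumption taken from the overview because the value of `XPATHS_TO_REMOVE` is not shown on this page, and the sample input is constructed and well-formed.

```ruby
require "rexml/document"

# Assumption: stand-in for XPATHS_TO_REMOVE, whose value is not shown on this
# page; chosen to match the overview ("scripts, forms"). Comments are dropped
# in visible_text below.
ASSUMED_XPATHS = ["//script", "//form"].freeze

# Constructed sample input (well-formed, so REXML can parse it).
SAMPLE = "<b>Bold</b> no more! <a href='more.html'>See more here</a>..." \
         "<script>alert(1)</script>" \
         "<form action='/login'><input name='user'/>Sign in</form>" \
         "<!-- internal note -->"

# Naive approach: delete anything that looks like a tag. The bodies of
# script and form elements survive as plain text.
def naive_strip(html)
  html.gsub(/<[^>]*>/, "")
end

# Concatenate text nodes in document order, skipping comments.
def visible_text(node)
  node.children.map do |child|
    case child
    when REXML::Element then visible_text(child)
    when REXML::Text    then child.value
    else ""
    end
  end.join
end

# Same shape as FullSanitizer#sanitize: nil/empty guards, remove the
# unwanted subtrees, then return the text of what is left.
def structural_strip(html)
  return unless html
  return html if html.empty?

  doc = REXML::Document.new("<root>#{html}</root>")
  ASSUMED_XPATHS.each { |path| REXML::XPath.match(doc, path).each(&:remove) }
  visible_text(doc.root)
end

if $PROGRAM_NAME == __FILE__
  puts naive_strip(SAMPLE)       # script and form bodies leak into the text
  puts structural_strip(SAMPLE)  # only the visible prose remains
end
```
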