Class: Rails::Html::FullSanitizer
- Defined in:
- lib/rails/html/sanitizer.rb
Overview
Rails::Html::FullSanitizer
Removes all tags but strips out scripts, forms and comments.
full_sanitizer = Rails::Html::FullSanitizer.new full_sanitizer.sanitize(“Bold no more! <a href=‘more.html’>See more here</a>…”) # => Bold no more! See more here…
Constant Summary
Constants inherited from Sanitizer
Instance Method Summary collapse
Methods inherited from Sanitizer
full_sanitizer, link_sanitizer, white_list_sanitizer
Instance Method Details
#sanitize(html, options = {}) ⇒ Object
25 26 27 28 29 30 31 32 |
# File 'lib/rails/html/sanitizer.rb', line 25 def sanitize(html, = {}) return unless html return html if html.empty? Loofah.fragment(html).tap do |fragment| remove_xpaths(fragment, XPATHS_TO_REMOVE) end.text end |