Home/ Questions/Q 8706247
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T03:34:10+00:00

I’m using wysihtml5 in the form of my Post model: posts/_form.html.erb: <%= f.text_area :content,

  • 0

I’m using wysihtml5 in the form of my Post model:

posts/_form.html.erb:

<%= f.text_area :content, id: "wysihtml5-textarea",
                          placeHolder: "Content" %>

And displaying the results as raw + sanitize:

show.html.erb:

<%= sanitize raw(@post.content), :tags => %w(b i u p br) %>

(I’m only allowing b, i, u, p, and br tags).

The problem with this is that html tags other than those mentioned above (b, i, u, p, and br), are still getting saved in the text area (they are still visible for the user if he clicks edit). I would like to remove then right after the user clicks submit (like how WordPress’ text editor does it).

Any suggestions?

EDIT:

Something I’m trying:

post.rb:

  before_save :remove_html_tags

  def remove_html_tags
    self.content.sanitized_allowed_tags.delete 'div'
  end
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Check out the API docs: http://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html

    Scroll down a bit, maybe this is what you’re looking for:

    class Application < Rails::Application
  config.after_initialize do
    ActionView::Base.sanitized_allowed_tags.delete 'div'
  end
end

    UPDATE: If you want to strip tags right before the resource is saved, you could do this on the model level with a before_save callback. Or in your controller, in the #create action right before the resource is saved. If you want to strip certain tags then you could use #strip_tags, for example:

    before_save do |post|
  post.content = strip_tags(post.content)
end

    but since this is a method from ActiveSupport, you have to include the module in your model:

    `ActionView::Helpers::SanitizeHelper`
    • 0