Home/ Questions/Q 4614278
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T01:40:31+00:00

Is it possible to pass regular expression to the list of allowed html attributes

  • 0

Is it possible to pass regular expression to the list of allowed html attributes for sanitize method in rails3? In my particular situation I would like to allow all attributes starting with "data-"

Either on sanitize call

sanitize(my_string, :tags => %w(div span), :attributes => my_regular_expression)

or in application.rb like 

config.action_view.sanitized_allowed_attributes = 'id', 'style', my_regular_expression
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    hmmm… computer says no.

    irb(main):018:0> my_string = "<div style=\"color:red;\" id=\"abcd\">abcd-def></div><span class=\"blah\">abcghi</span><a href=\"http://mylink.com/\">mylink</a>"
=> "<div style=\"color:red;\" id=\"abcd\">abcd-def></div><span class=\"blah\">abcghi</span><a href=\"http://mylink.com/\">mylink</a>"
irb(main):006:0> sanitize(my_string, :tags => %w(div span), :attributes => ['id'])
=> "<div id=\"abcd\">abcd-def></div><span>abcghi</span>mylink"
irb(main):005:0> sanitize(my_string, :tags => %w(div span), :attributes => [/id/])
=> "<div>abcd-def></div><span>abcghi</span>mylink"
irb(main):020:0> sanitize(my_string, :tags => %w(div span), :attributes => /id/)
NoMethodError: undefined method `include?' for /id/:Regexp

    Would be great feature, though. You could add it as a feature request on rails.

    • 0