
How to sanitize data (remove html tags) before saving a record?

I was wondering if Rails3 had an easy way to remove html tags from the input data before saving it in the database.

Right now the data is sanitized on the view level by HAML. JS doesn't get executed and stuff, but I'd like to completely remove potentially harmful data.

Basically, my question is: is there a helper I could use in a before_save filter to safely strip the tags out?

bassneck asked Aug 05 '11 09:08

1 Answer

I'm using sanitize for this job, which is based on Nokogiri. It is simpler to use, because you don't have to access view helpers in your model.

Mario Uher answered Nov 03 '22 00:11
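
The approach in the answer, as an added example that is not part of the original post: a plain-Ruby stand-in for a model whose save hook strips tags with the sanitize gem's `Sanitize.fragment`. The `Comment` class, its attribute names and the injectable `stripper` parameter are assumptions for illustration; in Rails the private method would be registered with `before_save`.

```ruby
# Added example (not from the original post). Comment is a plain-Ruby stand-in
# for an ActiveRecord model; its attribute names are hypothetical.

# Default stripper: the sanitize gem (Nokogiri-based). With no config,
# Sanitize.fragment removes every element and returns HTML text, so a bare
# "&" comes back as "&amp;". Required lazily so the class loads without the gem.
SANITIZE_GEM = lambda do |html|
  require "sanitize"
  Sanitize.fragment(html)
end

class Comment
  STRIPPED_ATTRIBUTES = %i[title body].freeze

  attr_accessor :title, :body

  # stripper is injectable (an assumption of this example) so the hook can be
  # exercised with any callable that maps a String to a String.
  def initialize(title: nil, body: nil, stripper: SANITIZE_GEM)
    @title = title
    @body = body
    @stripper = stripper
  end

  # Stand-in for ActiveRecord#save: run the hook, then return what would be
  # written to the database.
  def save
    strip_html_attributes
    { title: title, body: body }
  end

  private

  # In a Rails model: before_save :strip_html_attributes
  def strip_html_attributes
    STRIPPED_ATTRIBUTES.each do |attr|
      value = public_send(attr)
      next if value.nil? # leave optional columns as NULL
      public_send("#{attr}=", @stripper.call(value.to_s).strip)
    end
  end
end
```

Because the stored value is still HTML text, the view should keep treating it as untrusted output rather than marking it safe.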