Rails 3 escaping Maruku

Posted on 2024-09-02 19:59:53, 250 words, 10 views, 0 comments

I am using Maruku with my RoR3 app.
But the problem is that when I use the h(text) method to escape the text from the database before I use Maruku, it escapes > to &gt; so Maruku won't see this as a blockquote.

But I still want to escape the rest of the text, so my question is how can I make this work?

I don't want to disable the escaping but I don't want it to escape >

Comments (2)

计㈡愣 2024-09-09 19:59:53

Rails 3 escapes all strings by default. You need to mark them as safe by using "some_string.html_safe" or use <%= raw some_string %> in the template if you want to avoid this.

If you set up the sanitize helper to allow the HTML tags you want to pass through, you could do something like this:

<%= sanitize(@maruku_content.to_html) %>

Sanitize will scrub your content and mark the output as html_safe while leaving the desired tags intact. This option is discussed in the rails_xss plugin docs here. The example they use is for textile.

盗梦空间 2024-09-09 19:59:53

The following method takes html_encoded multiline strings and replaces all maruku blockquote elements that have been converted to html entity codes back to >

For the purpose of this implementation a maruku blockquote line is defined as a line beginning with one or more > sequences separated with optional whitespace.

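# Takes text that has already been HTML-escaped and turns the escaped
# "&gt;" markers at the start of a line back into ">" for Maruku.
def maruku_escape(text)
  text.gsub(/^([\s]*&gt;)+/) {|match| match.gsub(/&gt;/, '>')}
end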

The following test string was used

test_text = "<b>A bold tag</b>
<span>Some text in a span</span>

Some Markdown
> Blockquote 1
  > > nested blockquote 1
  > > nested blockquote 2
  >> nested blockquote 3 with no spaces


Some plain text with an invalid blockquote > Some blockquote text
<i>The end in italics<i>"

And using this as follows

maruku_text = maruku_escape(ERB::Util.html_escape(test_text))

Gave the following results

result =  "&lt;b&gt;A bold tag&lt;/b&gt;
&lt;span&gt;Some text in a span&lt;/span&gt;

Some Markdown
> Blockquote 1
  > > nested blockquote 1
  > > nested blockquote 2
  >> nested blockquote 3 with no spaces


Some plain text with an invalid blockquote &gt; Some blockquote text
&lt;i&gt;The end in italics&lt;i&gt;
"
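
The escape-then-restore approach from the second answer, as an added Ruby example (not code from the original posts): it uses only the standard library's ERB::Util.html_escape and shows which ">" characters come back and which stay escaped. The names escape_for_markdown, ESCAPED_QUOTE_PREFIX, SAMPLE and demo are hypothetical, and the sample text is constructed.

```ruby
require 'erb'

# Leading run of escaped blockquote markers on a single line:
# optional spaces/tabs followed by "&gt;", repeated one or more times.
# [ \t] is used instead of \s so a match never includes a newline.
ESCAPED_QUOTE_PREFIX = /^(?:[ \t]*&gt;)+/

# Escape untrusted text for HTML, then restore only the ">" characters
# that form a line-leading Markdown blockquote prefix. Every other
# escaped character, including "<" and mid-line ">", stays escaped.
def escape_for_markdown(untrusted)
  escaped = ERB::Util.html_escape(untrusted)
  escaped.gsub(ESCAPED_QUOTE_PREFIX) { |prefix| prefix.gsub('&gt;', '>') }
end

# Constructed sample input covering the cases that matter:
# a tag, a blockquote, a nested blockquote, a mid-line ">",
# and a user who literally typed the entity "&gt;".
SAMPLE = <<~TEXT
  <script>doSomething()</script>
  > quoted line
    > > nested quote
  a > b stays escaped mid-line
  &gt; typed entity is not a marker
TEXT

# Returns the processed sample as an array of lines.
def demo
  escape_for_markdown(SAMPLE).lines.map(&:chomp)
end

puts demo if __FILE__ == $PROGRAM_NAME
```

A literal "&gt;" typed by the user is escaped to "&amp;gt;" first, so the restore step only touches markers that came from a real ">" in the input.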