允许使用 simple_format 帮助器使用 id 属性
作为概念证明,这里首先是一些控制台输出:
ruby-1.9.2-p180 :010 > x = "<span id='c_3'>s</span>"
=> "<span id='c_3'>s</span>"
ruby-1.9.2-p180 :011 > helper.simple_format(x)
=> "<p><span>s</span></p>"
这样做的原因是 Rails 辅助方法 simple_format 在执行的最后调用了 sanitize 方法,并且该方法去掉属性。
我知道 sanitize 将允许您指定不应删除的属性。我的问题是:是否可以通过 simple_format 以某种方式传递“白名单”属性(在本例中为 id)?
谢谢!!
As a proof of concept here's some console output first:
ruby-1.9.2-p180 :010 > x = "<span id='c_3'>s</span>"
=> "<span id='c_3'>s</span>"
ruby-1.9.2-p180 :011 > helper.simple_format(x)
=> "<p><span>s</span></p>"
The reason for this is that the Rails helper method simple_format call the sanitize method at the very end of it's execution and that method strips out attributes.
I know that sanitize will allow you to specify attributes that should not be stripped. My question is: Is it possible to somehow pass the "white listed" attribute (id in this case) THROUGH simple_format ?
thanks!!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您无法传递白名单,但可以通过执行
http://api.rubyonrails.org/classes/ActionView/Helpers/TextHelper.html#method-i-simple_format
You cannot pass a white-list, but you can disable sanitization completely by doing
http://api.rubyonrails.org/classes/ActionView/Helpers/TextHelper.html#method-i-simple_format