I used the TinyMce header link to get formatting options in text input areas of my RoR 2.3.5 app.
This works fine for sending emails, but when I try to save text in the database, the HTML tags get erased and it is displayed as plain text.
For example,
<%= text_area (:inspection, :kashruth_comments, :class => 'tinymce') %>
How can I save the tags as well?
Based on this page I tried adding into config\initializers\new_rails_defaults.rb
:
ActionView::Base.sanitized_allowed_tags.replace %w(strong em b i hr br ul ol li blockquote)
ActionView::Base.sanitized_allowed_attributes.replace %w(href a)
but it did not help.
In the
/vendor/plugins
folder, there is a plugin calledxss-terminate
. In theREADME.rdoc
file, I foundIn
models/inspection.rb
, I addedNow, when I entered 'going nuts' as bold and italic, it saves as such.
When I entered
<script>going nuts</script>
, it displays exactly as that, but in the database, it is stored asDoes that look correct?