Question

I have text content prepared using the wysihtml5 gem, which I would like to show in a div. The question is how to "render" this text content so as to be "safe". Should I use

= text.html_safe

or

= simple_format(text)

or

= raw(text)

or...


Solution

If you would like to show everything as it was entered in wysihtml5 (but not 100% safe), then use any of these:

= text.html_safe
= raw text
== text

If you would like to make it absolutely safe, then use:

== sanitize text, tags: %w(em strong b i u a ...), attributes: %w(href title ...)

In this way you can control the tags that are allowed and the attributes allowed for those tags.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow