Pergunta

I am making a web app that integrates the Ace online IDE. A user enters an input through the Ace IDE which is then stored in a database. But when that is then rendered from the database Rails has done some sort of sanitization and the HTML tags are not loaded.

How do I explicitly tell Rails to leave all HTML tags in the tags and not format it (includes tabs and spaces)?

EDIT:

This is what the user inputs:

enter image description here

And this is what it outputs:

enter image description here

Foi útil?

Solução 3

Turns out it was because I was using simple_format() when I removed that and just simply called <%= @lesson.lesson_content %> it rendered perfectly.

Outras dicas

Try the raw method. This method outputs without escaping a string

you have to append .html_safe to any string you're returning to the view. By default Rails doesn't trust anything the user might have created.

So

 <%= @my_source_code_from_the_db %>

Becomes

<%= @my_source_code_from_the_db.html_safe %>

As @Sam_D mentioned, another option is to wrap your string in a call to raw: 

<%= raw(@my_source_code_from_the_db) %>
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top