I am building a social networking site which currently has comments enabled. I was wondering if anyone knew how to enable html within these comments so that people can post links to other sites on the internet and have these links actually work if you click on them. Actually, this hyperlink capability is the only think that I really need. Anyone know how to enable hyperlinks in comments? Thanks, Dave
Hi Dave,
I would suggest trying the sanitize helper. This can be configured to only permit certain HTML tags. The API docs are quite detailed.
http://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html
Allow people to put anything in the comment (within reason of course - some input validation would be useful), and then use the helper in the view. The alternative of course is to use regular expressions to validate the input.
Best Regards
Robin
http://www.railslodge.com/plugins/106-nofollow-links may also come in useful if you go with the above approach.
else there is also an auto_link text helper http://api.rubyonrails.org/classes/ActionView/Helpers/TextHelper.html#M001058
Dave Lynam wrote:
Hi Dave,
I assume you are asking this question because you already have something implemented and are wondering why links aren't working. Have a look in your view code and remove the html escape method ("h"):-
<%=h "some html text" %>
and change the erb to:-
<% "some html text" %>
Once you have done that and the links are working I strongly suggest
you look at SanitizeHelper as Robin suggested, you don't want anyone
to slip malicious code into your comments
Jabbslad
I would suggest the whitelist plugin. That way you can set what they can and can't do as far as html, like bold, italic, links, etc.
Awesome, this all looks like good advice. Thanks.