Preventing Javascript but allowing HTML?

Is there a way I can take away Javascript from a user input but let
them use HTML? Or rather, is there a built in function that just takes
away <script> and leaves all the other tags in tact or would I have to
make one myself?

Mike C wrote:

Is there a way I can take away Javascript from a user input but let
them use HTML? Or rather, is there a built in function that just takes
away <script> and leaves all the other tags in tact or would I have to
make one myself?

You probably want sanitize:

http://api.rubyonrails.com/classes/ActionView/Helpers/SanitizeHelper.html#M000936

It will make JavaScript and forms innocuous leaving everything else
intact. You can easily customize it to suit your requirements.