I am trying to use the sanitize method from ActionView.
The line

    r_str = Helper.instance.sanitize(r_str, :tags => @@allowed_tags, :attributes => @@allowed_attribs)

gives the error

    undefined method `white_list_sanitizer' for Parsers::HTML::Helper:Class

This is my code in lib/parsers.rb:
    module Parsers
      module HTML
        @@allowed_tags = %w(--snip--)
        @@allowed_attribs = %w(--snip--)

        class Helper
          include Singleton
          include ActionView::Helpers::SanitizeHelper
        end

        # Use built-in sanitizer and the Hpricot plugin
        def self.clean(str)
          rgx = /<code>(.*?)<\/code>/ # All html within a code tag should be escaped.
          # match[6..-8] is the text between "<code>" (6 chars) and "</code>" (7 chars)
          r_str = str.gsub(rgx) { |match| "<code>" + CGI.escapeHTML(match[6..-8]) + "</code>" } # TODO: test this.
          r_str = Helper.instance.sanitize(r_str, :tags => @@allowed_tags, :attributes => @@allowed_attribs)
          Hpricot(r_str)
        end
      end
      --snip--
    end
What am I doing wrong?
(Please don't comment on the dangers of allowing users to submit HTML; I know the risks.)
Answer 0: (score: 2)
Just replace "include ActionView::Helpers::SanitizeHelper" with

    include ActionView::Helpers

The above will mix in the ClassMethods from SanitizeHelper, and your code will work.
Note: I have also seen suggestions that explicitly recommend:

    extend ActionView::Helpers::SanitizeHelper::ClassMethods
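Answer 1: (score: 0)
You also need the class methods from the sanitize helper:

    class Helper
      include Singleton
      include ActionView::Helpers::SanitizeHelper
      class << self
        # Fully qualified so the constant resolves from inside this class
        include ActionView::Helpers::SanitizeHelper::ClassMethods
      end
    end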
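
Added example (not from the original thread and not Rails code): a self-contained Ruby stand-in for the mixin layout the answers above describe, showing why including only the instance methods fails and why extending the class with ClassMethods fixes it. FakeSanitizeHelper, its toy escape-then-restore filter, BrokenHelper, FixedHelper and try_sanitize are hypothetical names; the delegation from the instance method to the class is assumed from the error message in the question.

```ruby
require "singleton"
require "cgi"

# Hypothetical stand-in for ActionView::Helpers::SanitizeHelper (assumption:
# the instance-level sanitize delegates to a sanitizer owned by the class,
# as the error message in the question implies).
module FakeSanitizeHelper
  def sanitize(html, options = {})
    self.class.white_list_sanitizer.call(html, options)
  end

  module ClassMethods
    # Toy filter for this demo only: escape everything, then restore bare
    # tags named in :tags. Attributes are never restored.
    def white_list_sanitizer
      @white_list_sanitizer ||= lambda do |html, options|
        allowed = options.fetch(:tags, [])
        CGI.escapeHTML(html).gsub(%r{&lt;(/?)(\w+)&gt;}) do
          allowed.include?($2.downcase) ? "<#{$1}#{$2}>" : $&
        end
      end
    end
  end
end

# Same shape as the question: only the instance methods are mixed in.
class BrokenHelper
  include Singleton
  include FakeSanitizeHelper
end

# Same shape as the answers: the class also gets the ClassMethods.
class FixedHelper
  include Singleton
  include FakeSanitizeHelper
  extend FakeSanitizeHelper::ClassMethods
end

# Returns the sanitized string, or the NoMethodError message on failure.
def try_sanitize(helper_class, html, tags)
  helper_class.instance.sanitize(html, :tags => tags)
rescue NoMethodError => e
  e.message
end

SAMPLE = "<b>hi</b><script>alert(1)</script>" # constructed input
puts try_sanitize(BrokenHelper, SAMPLE, %w(b))
puts try_sanitize(FixedHelper, SAMPLE, %w(b))
```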
Answer 2: (score: -2)
The correct class in Rails is HTML::Sanitizer