user181452 user181452 - 2 months ago 22
HTML Question

sanitize and raw still showing html tags, Slim

I have comment data which contains HTML text, and I want to show the HTML rendered without any tags inside.

I'm working with RoR and slim.

I tried sanitize, raw and html_safe, but all of them gave me the same result. They removed some HTML but I still see HTML tags.

data before using them:

<img alt="User-added image" src="https://rrrrr;amp;feoid=00N2400000H7Rxb&refid=0EM7E0000004FgN" style="height: 333px; width: 500px;"></img><br><br>Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam


data after using them:

= raw resource.comments
= sanitize resource.comments
= strip_tags "'#{resource.comments}'"
= ActionView::Base.full_sanitizer.sanitize(resource.comments)


or

def formatted_comments
  h.sanitize(comments, :tags => [], :attributes => [])
end

= formatted_comments


result:

<img alt="User-added image" src="https://rrrrr;feoid=00N2400000H7Rxb&amp;refid=0EM7E0000004FgN" style="height: 333px; width: 500px;"></img><br><br>Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam


Update:

I noticed that the rendered html tag contains the following.
" my result of html tags here " = $0

Trying to remove it manually, all the HTML was rendered!

Answer

Finally I was able to do it like the following:

 CGI.unescapeHTML(text).html_safe
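
Added example, not part of the original post: CGI.unescapeHTML(text).html_safe renders whatever markup the stored comment decodes to, so this plain-Ruby sketch decodes the one layer of escaping and then rebuilds only allowlisted tags, escaping everything else. The allowlist, the sample comment and the helper names are assumptions; in a Rails view the same role is played by passing the unescaped string to sanitize with :tags and :attributes lists.

```ruby
require "cgi"
require "uri"

# Constructed sample (not from the page): an entity-escaped stored comment.
STORED = "&lt;img alt=&quot;User-added image&quot; " \
         "src=&quot;https://example.invalid/a.png?x=1&amp;amp;y=2&quot; " \
         "onerror=&quot;alert(1)&quot;&gt;&lt;/img&gt;&lt;br&gt;" \
         "Lorem ipsum &lt;script&gt;alert(1)&lt;/script&gt;"

# Hypothetical allowlist: element name => attributes that may be kept.
ALLOWED = { "img" => %w[alt src], "br" => [] }.freeze
# Only tags with double-quoted attributes match; anything else is escaped as text.
TAG = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)((?:\s+[a-zA-Z-]+\s*=\s*"[^"]*")*)\s*\/?>/

def as_text(html) # normalise entities, then escape so nothing is live markup
  CGI.escapeHTML(CGI.unescapeHTML(html))
end

def safe_url?(value)
  %w[http https].include?(URI.parse(value).scheme)
rescue URI::InvalidURIError
  false
end

# Re-emit an allowlisted tag from its parsed parts; nil if the element is not allowed.
def rebuild_tag(name, raw_attrs, closing)
  allowed = ALLOWED[name]
  return nil unless allowed
  return "" if closing # img and br are void elements, so end tags are dropped
  attrs = raw_attrs.scan(/([a-zA-Z-]+)\s*=\s*"([^"]*)"/).filter_map do |key, value|
    key = key.downcase
    value = CGI.unescapeHTML(value) # attribute values carry their own entities
    next unless allowed.include?(key)
    next if key == "src" && !safe_url?(value)
    %( #{key}="#{CGI.escapeHTML(value)}")
  end
  "<#{name}#{attrs.join}>"
end

def render_comment(stored)
  rest = CGI.unescapeHTML(stored) # undo the single layer of stored escaping
  out = +""
  while (m = TAG.match(rest))
    tag = rebuild_tag(m[2].downcase, m[3], m[1] == "/")
    out << as_text(m.pre_match) << (tag || as_text(m[0]))
    rest = m.post_match
  end
  out << as_text(rest)
end
```

Only the string returned by render_comment would be a candidate for html_safe; the event-handler attribute is dropped and the script element comes out as visible text.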