6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Sanitize HTML and close incomplete tags\",\"text\":\"

sanitize() in ApplicationHelper doesn't close tags.

\\n\\n

s = \\\"<a href='http://example.com'>incomplete\\\"\\nsanitize(s, :tags => ['a', 'p'])\\n

\\n\\n

The above snippet leaves the string as is. How could I force it to append a closing </a> or at least strip the <a> altogether?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"mahemoff\"},\"upvoteCount\":6,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

The updated answer is

\\n

 s = "<a href='http://example.com'>incomplete"\\n html = sanitize(s, tags: %w[a p])\\n Nokogiri::HTML::DocumentFragment.parse(html).to_html\\n

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"jvnill\"},\"upvoteCount\":2}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","html",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/html/1","children":"html"}]}],["$","span","ruby-on-rails",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/ruby-on-rails/1","children":"ruby-on-rails"}]}],["$","span","ruby",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/ruby/1","children":"ruby"}]}],["$","span","ruby-on-rails-3.1",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/ruby-on-rails-3.1/1","children":"ruby-on-rails-3.1"}]}],["$","span","sanitize",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/sanitize/1","children":"sanitize"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/cabf735ce7b8b4471ef46ea54f71832d?s=256&d=identicon&r=PG","alt":"mahemoff","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/18706/mahemoff","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"mahemoff"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",46379]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Sanitize HTML and close incomplete tags"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

sanitize() in ApplicationHelper doesn't close tags.

\n\n

s = \"<a href='http://example.com'>incomplete\"\nsanitize(s, :tags => ['a', 'p'])\n

\n\n

The above snippet leaves the string as is. How could I force it to append a closing </a> or at least strip the <a> altogether?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",6]}],["$","p",null,{"children":["Views: ",2631]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","32925436",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/fKzgt.jpg?s=256","alt":"jvnill","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/337166/jvnill","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"jvnill"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",29599]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

The updated answer is

 s = "<a href='http://example.com'>incomplete"\n html = sanitize(s, tags: %w[a p])\n Nokogiri::HTML::DocumentFragment.parse(html).to_html\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",2]}]}]]}],["$","div","9934038",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/75bf31b48e75eedfebaa411a76a85155?s=256&d=identicon&r=PG","alt":"Niklas B.","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/916657/niklas-b","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Niklas B."}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",95298]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You can use a proper HTML parser to do this. I'd recommend Nokogiri for the job:

\n\n

require 'nokogiri'\n# ...\ns = \"<a href='http://example.com'>incomplete\"\nNokogiri::HTML::fragment(sanitize(s, :tags => ['a', 'p'])).to_xml\n# => \"<a href=\\\"http://example.com\\\">incomplete</a>\"\n

\n\n

This will always return valid XML. Of course you can package that into your own helper method for easier usage.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",5]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","40491759",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/40491759","className":"text-blue-600 hover:underline","children":"rails sanitize method not removing html tags"}]}],["$","li","26192059",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/26192059","className":"text-blue-600 hover:underline","children":"How to collapse HTML whitespace?"}]}],["$","li","20598039",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/20598039","className":"text-blue-600 hover:underline","children":"rails sanitize pops out of <p> tag"}]}],["$","li","17479135",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17479135","className":"text-blue-600 hover:underline","children":"How do I trim the head and tail of empty tags in HTML?"}]}],["$","li","14955683",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/14955683","className":"text-blue-600 hover:underline","children":"How to make the "sanitize" Rails method to leave a space where an HTML used to be?"}]}],["$","li","6954258",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/6954258","className":"text-blue-600 hover:underline","children":"How to sanitize data (remove html tags) before saving a record?"}]}],["$","li","3864242",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/3864242","className":"text-blue-600 hover:underline","children":"How to sanitize user generated html code in ruby on rails"}]}],["$","li","6396370",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/6396370","className":"text-blue-600 hover:underline","children":"HTML Purifier equivalent for Ruby on Rails?"}]}],["$","li","6086664",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/6086664","className":"text-blue-600 hover:underline","children":"The PHP HTMLPurifier library, but for Rails?"}]}],["$","li","1160493",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/1160493","className":"text-blue-600 hover:underline","children":"How best to sanitize rich html with rails?"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Sanitize HTML and close incomplete tags

Answers (2)

Related Questions