Ask A Question

Notifications

You’re not receiving notifications from this thread.

simple_format and Embedded content

Tony asked in Rails
Tony Tony

I currently have a part of my website where people can submit user generated articles. I use simple_format to retain the layout.

e.g.

<%= simple_format(@post.content %>

As more and more of the internet uses embedded content such as Instragram posts and YouTube videos I'd like to be able to allow my users to be able to add embedded content to their articles to make them look a bit more interesting. Obviously simple_format won't allow the content to be displayed. Apart from doing something like the following which would endanger my website to exploits - what could I do?

<%= simple_format(@post.content , {}, :sanitize => false) %>

I could use a form where someone submits part of an Instragram and YouTube link but I don't think it is a very good solution as I don't know in advance at what point someone might want to add the content or how many YouTube videos they might want to have embedded on the page.

Reply
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 82,464+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.