All threads / simple_format and Embedded content

Ask A Question

Notifications

You’re not receiving notifications from this thread.

simple_format and Embedded content

Tony asked in Rails

I currently have a part of my website where people can submit user generated articles. I use simple_format to retain the layout.

e.g.

<%= simple_format(@post.content %>

As more and more of the internet uses embedded content such as Instragram posts and YouTube videos I'd like to be able to allow my users to be able to add embedded content to their articles to make them look a bit more interesting. Obviously simple_format won't allow the content to be displayed. Apart from doing something like the following which would endanger my website to exploits - what could I do?

<%= simple_format(@post.content , {}, :sanitize => false) %>

I could use a form where someone submits part of an Instragram and YouTube link but I don't think it is a very good solution as I don't know in advance at what point someone might want to add the content or how many YouTube videos they might want to have embedded on the page.

Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 37,344+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    logo Created with Sketch.

    Ruby on Rails tutorials, guides, and screencasts for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more. Icons by Icons8

    © 2020 GoRails, LLC. All rights reserved.