My goal is to find something like "b1234" in the paragraph and replace it with:
<a href=http://bugtracker.com/bug/1234>b1234</a>
I did this using a simple ruby:
"I fixed b1234 today".gsub(/(b([0-9]+))/i, '<a href=http://bugtracker.com/bug/\2>\1</a>')
It outputs:
=> "I fixed <a href=http://bugtracker.com/bug/1234>b1234</a> today"
I have a view in rails:
<%= post.content %>
Note. I do not save HTML code in my database when creating posts.
If I do this:
<%= post.content.gsub(...) %>
I get escaped html in the output file:
<a href= ... instead of <a href= ...
... And I want this behavior , I do not want users to submit HTML (iframes would be scary!).
But how can I still get the search and replace functionality that I want without sacrificing security? Maybe a Javascript approach?
Thank!
source
share