I have used MarkiItUp to build a jquery editor. Now when user type content in textarea with html code, like this:
A new <strong>true</strong> question
When record was saved, it save A new <strong>true</strong> question. And when it display on page, it also display like content was saved, is A new <strong>true</strong> question . But i want the content display on web like this:
A new true question
How can i do that?
To display it, use html_safe. This way your string would be rendered as HTML.
Refer to this question for more info.
Ruby on Rails: how to render a string as HTML?
Related
I understand that Action Text attachments are store in the DB in a compressed form that appears as an "action-text-attachment" tag. However when rendered using to_trix_html this tag is not rendered as I suppose it would mess with Trix's internal model.
I cannot understand why this tag is required when Rich Text is rendered as HTML (for example in a show action). I'd really appreciate if someone could explain why this has been designed this way.
its need to be there as an identifier and its saved like that inside the database
the tag contain 5 attributes content-type
url
filename
filesize and sgid
sgid is Signed Global IDs its unique to each file the function is as an anti-tamper and identifier about the attached file
as for the .to_trix_html giving different tag yes its need to be like that
because we want different way to handle the attachment inside the trix editor and when it outside the trix editor.
and if you want to know more about how the attachments works in action_text you could check this blog post
I need to build a manage environment for my users so they could create new views (to give a title, a category, and the main content) or edit the content of the views that already have been created. I need to store this information in a database and have it appear in my site. I search through the internet but I didn't find a solution. I need this because I would like my site to have searchable content and because I have to many pages. Is that possible to achieve with MVC?
first step
Save view content as string using a wysiwyg editor, I recomend
http://summernote.org/
You need show your html using Html.raw() :
Exemple: Html.Raw("<div class=\"resource-row\">")
that way you will show your string as HTML.
I hope it is useful
(app is built on Rails 4.0.3/postgres)
I have a model defined where one of the attributes is a text field containing the entire HTML of a webpage- I store it as text, which I then set as an instance variable (#html) in the controller and then render it through a view using <%=raw #html %>. This allows me to store and render entire pages easily.
My question is, I need to allow users to edit the HTML in-browser using some kind of markup language/editor, so how would I go about doing so? The workflow would be that the user clicks on an instance of the model through a dashboard, and then is able to edit the name of model instance (easy), and under that is able to edit the html attribute and save it via some kind of markup editor like Github's gist editor. I feel like this should be easy but can't figure it out- can anyone point me in the right direction?
Thanks!
I am new to rails.I want to create a text area that will accepts html as input and can process them as well.
I dont know how to do this .I am using formtastic gem for my form.
Please help me out.
thanks in advance.
If you type any valid html on your text area, save, and then show the string with html_safe method, it should parse the html as usual.
Example: "<b>Hello bold</b>".html_safe should render Hello bold on the screen.
I am using FckEditor in Create.aspx page in asp.net mvc application.
Since I need to show rich text in web pages, I used ValidateInput(false) attribute top of action method in controller class.
And I used Html.Encode(Model.Message) in Details.aspx to protect user's attack.
But, I had result what I did not want as following :
<p> Hello </p>
I wanted following result not above :
Hello
How can I show the text what user input?
Thanks in advance
The short answer is that HTMLEncode is making your markup show like that. If you don't HTMLEncode, it will do what you want.
You need to think about whether or not you need full control of markup, who is entering the markup, and if an alternative like BBCode is an option.
If your users using the editor are all sure to be 'safe' users, then XSS isn't likely to be as much a concern. However, if you are using this on a comment field, then BBCode, or something like SO itself uses is more appropriate.
You wont be able to use a WYSIWYG editor and do HTMLEncode though... (without BBCode, or some other token system)
It seems the user entered "<p> Hello </p>" (due to pressing Enter?) into the edit control, and it is displaying correct in the HTML as you have done an Html.Encode. E.g. the paragrahs are not rendered, they are outputted as "<p>..</p>" as the string is HTML encoded into something like "<p> Hello <p>".
If you do not want tags, I would suggest searching the text string for tags (things with <...>) and removing them from the inputted text. Do this before HTML.Encode.
...or am I missing something?
You can use HttpServerUtility.HtmlEncode(String)