Rails 3.1 CKEditor gem raw text - ruby-on-rails

I'm using the ckeditor gem and when I use the paste as plain text dialog it encapsulates the text in quotes as well as < p> tags and < br> tags. Is there any way I can tell ckeditor not to use any markup whatsoever when using that option.
What I am trying to accomplish is to have snippets of code within an article. Those snippets are processed using the markdown gem as well as pigments.rb. The following code is what I'm trying to accomplish
```ruby
puts "hello world"
class Hello
end
```
and this is what I'm getting
<p>
```ruby<br />
puts "hello world"
class hello<br />
end<br /></p>

This might be what you're looking for:
http://ckeditor.com/addon/codemirror

I really don't know if the ckeditor has that option.
If your problem is show the information like WYSIWYG in a web with RoR maybe you have to set in the view that the information is html safe (This is for security reasons and is set by default). If you don't do that you will see with the html tags.
You have many ways to do the html safe:
Here is a discussion about which one use:
raw vs. html_safe vs. h to unescape html
Hope that solve your problem.

Codemirror might be your best bet for this. Its like CKeditor but for code.
http://codemirror.net/
You could even write your own mode for it, which if I understand what your trying to do might end up being required.

Have not found anything better than going with Markdown. Just like it is done here on SO

Related

How to use slim for mailer text template

I am using slim as the template engine for my rails app and would like to use slim for mailer templates as well.
There is no problem with html mailer templates (views/mailer/default_email.en.html.slim) but, I am not sure how to make the text templates work.
I have placed a text template in views/mailer/default_email.en.text.slim with this content:
Hello,
Your video is ready.
= #url
Thank you,
The A-Team
But the result is parsed as slim HTML, and looks like this:
<Hello>,</Hello><Your>video is ready.</Your><Click>the link below to watch it:</Click>http://watch.thy/video<Thank>you,</Thank><The>A-Team</The>
Other than prefixing every line with a pipe, isnt there a more natural way?
I even looked for an embedded plugin (like the markdown one) to say "plain text" but there is none.
Thanks in advance.
Slim was designed to generate HTML, not plain text, so you'll have to either use the pipe prefix for each line or go with .text.erb templates. I'd use the ERB templates, especially if you don't have a lot of interpolation going on.
For what it's worth, you can actually go the Slim route without having to prefix each line with a pipe, like so:
|
Hello,
<br><br>
Your video is ready.<br>
#{#url}
<br><br>
Thank you,<br>
The A-Team
I would definitely agree with eugen though, that the text.erb route is the best fit. Just providing another solution, in case somebody absolutely insisted on doing this in Slim. :-)

How do I remove HTML tags from within a text area using MVC 3?

I have difficulty getting a value from a text area of the CKEditor
when I save something that has nothing inside the textarea HTML tag. In this case, it puts this text inside:
<html>\r\n\t<head>\r\n\t\t<title></title>\r\n\t</head>\r\n\t<body>\r\n\t</body>\r\n</html>\r\n"
Is there some way to strip off all these html tags?
I'm using MVC 3, and I've researched something about: Content(Server.HtmlEncode),
but I'm still not 100% if this is the best way to do this kind of treatment.
I found a class listed below that looks like it should solve your problem. Just add it to your solution and you can then call it statically and strip the html.
This kind of assumes that you are wanting to do the stripping of html on the server side.
On a side note not accepting answers like you are doing is hazardous to people willingness to help...I'd recommend that you reward the people that are helping you if you'd like to continue getting help!
Link to Solution
#Html.DisplayTextFor(modelItem => item.content)

Disable XSS and HTML Sanitization in Rails 3

I'm having an issue where when I have the contents of my rich text editor saved into the database using activerecord the html content is stripped of the html contents (I think it fires html_safe on it). I tried overriding the html_safe method on the content string, but nothing works.
content = "<p>hello</p>"
#article.content = content
puts #article.content # "<p>hello</p>"
#article.save
puts #article.content # "<>hello</>"
How can you override the html stripping capabilities in activerecord for a particular column?
As frank blizzard already said in his answer, you make your self vulnerable two XSS-Attacks.
But if you trust your authors, that this columns are safe two display, you can do something like this in your Article model
class Article < ActiveRecord::Base
def content
attributes[:content].html_safe
end
end
You can use the raw(string) method, but it would make you vunlerable against XSS attacks.
Another option would be taking a deeper look into markdown.
Turns out the issue to this problem was nothing todo with Rails or the XSS stripping. The code that I had was modifying a string and then saving the results elsewhere which was causing the original input to be changed. I solved the problem by using string.dup to copy over the original string so that I wasn't affected.
There should be an option for this.
I encourage you to take a look at the docs of the rich text editor that you are using.

Embedding youtube video in markdown?

i use the ruby gem formatize to parse my markdown-formated text. now i want to embed a youtube-video into the markdown text, but whenever i add the iframe snippet, the gem (or markdown?) just removes it from the output. any advise?
thanks!
You'll have to get formatize to ignore <iframe> tags. See this link.
You can have markdown + HTML together so it sounds like it's an issue with the gem. Notice how the markdown syntax recommends that the older YouTube markup is embedded via direct HTML. You might be able to get away using the older <object> tag approach; I think it's still supported.
According to formatize's documentation, you should pass :safe => true into the markdown function (this opens a security hole, so be sure to run your own, customized sanitization)
That doesn't work so I am instead using my own copy of formatizes function that does no sanitization (yet):
module ApplicationHelper
def post_body(post)
(post.body.blank? ? "" : BlueCloth.new(post.body).to_html).html_safe
end
end

Wiki-like formatting in Rails

I forgotten the name of this library. But it's sort of like Wiki how you type certain characters in front of your text, and then it'll make the text bold/italic/underline.
I'm not asking for the way Wiki is formatted but I'm aware there is something similar built into Rails. It's at the tip of my tongue. Thanks.
Are you looking for the textilize view helper? In your view, just say:
<%= textilize( post.body_text ) %>
Many of these are implemented in Ruby:
Comparison of lightweight markup languages
I like Markdown, through RDiscount.
RedCloth does this. It gives you textile markup (which is among the markup languages listed in Daniel's answer).
http://redcloth.org/

Resources