i use the ruby gem formatize to parse my markdown-formated text. now i want to embed a youtube-video into the markdown text, but whenever i add the iframe snippet, the gem (or markdown?) just removes it from the output. any advise?
thanks!
You'll have to get formatize to ignore <iframe> tags. See this link.
You can have markdown + HTML together so it sounds like it's an issue with the gem. Notice how the markdown syntax recommends that the older YouTube markup is embedded via direct HTML. You might be able to get away using the older <object> tag approach; I think it's still supported.
According to formatize's documentation, you should pass :safe => true into the markdown function (this opens a security hole, so be sure to run your own, customized sanitization)
That doesn't work so I am instead using my own copy of formatizes function that does no sanitization (yet):
module ApplicationHelper
def post_body(post)
(post.body.blank? ? "" : BlueCloth.new(post.body).to_html).html_safe
end
end
Related
I am working on a Rails application whose HAML templates frequently make use of a routine called sanitize. I have deduced from context that this routine sanitizes user-controlled HTML. Example:
# views/feed_items/_about.html.haml
%h3 Summary:
.description
= sanitize #feed_item.description
I want to make this routine add 'rel=nofollow' to all outbound links, in addition to what it's already doing. What is the most straightforward way to do that?
N.B. I am not having any luck finding the definition of this method, or the official configuration knobs for it. The vendor directory has two different HTML sanitizer gems in it and I can't even figure out which one is being used. This is a large, complicated web application that I did not write, and I barely understand Ruby, let alone all of Rails' extensions to it. Please assume I do not know any of the things that you think are obvious.
The sanitizer will strip out the rel tags if they exist.
I ran into a similar issue and added an additional helper method - clean_links to the ApplicationHelper module, and called it after sanitizing the content.
# application_helper.rb
def clean_links html
html.gsub!(/\\2')
html.html_safe
end
This method looks for all <a> tags, and adds rel="nofollow". The html_safe method is necessary or else the HTML will be displayed as a string (it's already been sanitized).
This solution treats all links equally, so if you only want this for links pointing outside the domain, you'll have to update the REGEX accordingly.
In your view: <%= clean_links sanitize(#something) %>
So, first the content is sanitized, then you add the rel="nofollow" tag before displaying the link.
Actually there's a built-in way:
sanitize "your input", scrubber: Loofah::Scrubbers::NoFollow.new
I'm having trouble getting Slim to render my markdown:
div.container
div.row
div.col-md-8.job_description
markdown:
= #listing.job_description
That just renders the string
This is an h1 ## h2 ### h3 > this is a quote * hello * goodbye foo
No line breaks or anything (which are contained in the actual string)
How do I get this to render properly? Thanks!
I gave up on using markdown: in slim, had tried everything.
I ended up creating this helper, place it in just any file in app/helpers
def markdown(content)
return '' if content.blank?
markdown = Redcarpet::Markdown.new(Redcarpet::Render::XHTML, autolink: true, space_after_headers: true)
sanitize(markdown.render(content)).html_safe
end
And then in a view
= markdown #listing.job_description
You will of course have to install the redcarpet gem.
gem 'redcarpet'
Rendering Markdown out of a variable in this way isn't possible, as Slim first renders the Markdown (or any other embedded engine language) and only after that interpolates the variable contents.
It makes sense that it would work this way as Slim's embedded engine tags are intended as a way of including different languages in-line so you can read them there. If the markdown isn't included in literal form in the template, there's no advantage to using the embedded engine over simply rendering the Markdown before you pass it to Slim (as HTML, and using '==' to prevent further processing by Slim).
I think, also, that it's set up like this because it's intended to provide and easy way for interpolating text into Markdown - which doesn't itself have a means of interpolation - within the same template as everything else.
The helper Iceman suggests is a nice way to do it. I'd probably call it outside of the template, but that's just because it's my personal preference to do as little as possible inside the template.
Looks like your markdown content is not indented under markdown:, so it won't be processed by markdown.
It should look more like this:
div.col-md-8.job_description
markdown:
= #listing.job_description
See this section of the docs for more information.
Is it possible to use the Redcarpet Markdown library to automatically embed youtube videos from youtube share links? If so anyone got any ideas on how to go about it? (I'm using Ruby/Rails 3.2)
Sure it is, you can override the method .to_html, but you probably dont need to even extend it you could instead do something like this;
# my regex is a little rusty
#html = Redcarpet.new(#article.content).to_html
#html = #html.gsub(/\[youtube\s+(.*?)\]/, "....actual html you want in here with youtube id \\1 ")
That would replace any instace of [youtube YOUTUBE_ID] with your custom html.
I'm using the ckeditor gem and when I use the paste as plain text dialog it encapsulates the text in quotes as well as < p> tags and < br> tags. Is there any way I can tell ckeditor not to use any markup whatsoever when using that option.
What I am trying to accomplish is to have snippets of code within an article. Those snippets are processed using the markdown gem as well as pigments.rb. The following code is what I'm trying to accomplish
```ruby
puts "hello world"
class Hello
end
```
and this is what I'm getting
<p>
```ruby<br />
puts "hello world"
class hello<br />
end<br /></p>
This might be what you're looking for:
http://ckeditor.com/addon/codemirror
I really don't know if the ckeditor has that option.
If your problem is show the information like WYSIWYG in a web with RoR maybe you have to set in the view that the information is html safe (This is for security reasons and is set by default). If you don't do that you will see with the html tags.
You have many ways to do the html safe:
Here is a discussion about which one use:
raw vs. html_safe vs. h to unescape html
Hope that solve your problem.
Codemirror might be your best bet for this. Its like CKeditor but for code.
http://codemirror.net/
You could even write your own mode for it, which if I understand what your trying to do might end up being required.
Have not found anything better than going with Markdown. Just like it is done here on SO
I'd like to have a link generated with BlueCloth that opens in a new window. All I could find was the ordinary [Google](http://www.google.com/) syntax but nothing with a new window.
Ideas?
Regards
Tom
Here is a complete reference for markdown: http://daringfireball.net/projects/markdown/syntax
And since there is no mention of how to set the target attribute, I would believe it is not directly possible, but the reference also says:
For any markup that is not covered by
Markdown’s syntax, you simply use HTML
itself. There’s no need to preface it
or delimit it to indicate that you’re
switching from Markdown to HTML; you
just use the tags.
Source: http://daringfireball.net/projects/markdown/syntax#html
So I would suggest you have to use the html syntax for links like this
update
if you wrap the markdown generated content in a div with a specific id like this:
and you use jQuery, you can add the following javascript:
$('#some_id a').attr('target','_blank');
Or you can save the BlueCloth output in a variable before outputting.
markdown_generated_string.gsub!(/<a\s+/i,'<a target="_blank" ')