An ActiveModel extension that strips tags from attributes before validation using the strip-tags helper.
It preserves '&', '<' and '>' characters.
It works by adding a before_validation hook to the record. By default, all
attributes are stripped of tags, but :only
and :except
options can be
used to limit which attributes are stripped. Both options accept a single
attribute (only: :field
) or arrays of attributes (except: [:field1, :field2, :field3]
).
It's also possible to skip stripping the attributes altogether per model using the :if
and :unless
options.
Include the gem in your Gemfile:
gem "strip-tags"
class DrunkPokerPlayer < ActiveRecord::Base
strip_tags
end
# all attributes will be stripped except :boxers
class SoberPokerPlayer < ActiveRecord::Base
strip_tags except: :boxers
end
# only :shoe, :sock, and :glove attributes will be stripped
class ConservativePokerPlayer < ActiveRecord::Base
strip_tags only: [:shoe, :sock, :glove]
end
# Only records with odd ids will be stripped
class OddPokerPlayer < ActiveRecord::Base
strip_tags if: :strip_me?
def strip_me?
id.odd?
end
end
# strip_tags will be applied randomly
class RandomPokerPlayer < ActiveRecord::Base
strip_tags unless: :strip_me?
def strip_me?
[true, false].sample
end
end
# Empty attributes will not be converted to nil
class BrokePokerPlayer < ActiveRecord::Base
strip_tags allow_empty: true
end
It also works on other ActiveModel classes, such as Mongoid documents:
class User
include Mongoid::Document
strip_tags only: :email
end
Using it with ActiveAttr
class Person
include ActiveAttr::Model
include ActiveModel::Validations::Callbacks
attribute :name
attribute :email
strip_tags
end
# where record is an ActiveModel instance
StripTags.strip(record,: true)
# works directly on Strings too
StripTags.strip(" foo \t") #=> "foo"
StripTags.strip(" foo bar",: true) #=> "foo bar"
StripTags provides an RSpec/Shoulda-compatible matcher for easier testing of attribute assignment. You can use this with RSpec, Shoulda, Minitest-MatchersVaccine (preferred), or Minitest-Matchers.
require "strip-tags/matchers"
RSpec.configure do |config|
config.include StripTags::Matchers
end
require "strip-tags/matchers"
class Test::Unit::TestCase
extend StripTags::Matchers
end
OR if in a Rails environment, you might prefer this:
require "strip-tags/matchers"
class ActiveSupport::TestCase
extend StripTags::Matchers
end
require "strip-tags/matchers"
class MiniTest::Spec
include StripTags::Matchers
end
OR if in a Rails environment, you might prefer this:
require "strip-tags/matchers"
class ActiveSupport::TestCase
include StripTags::Matchers
end
require "strip-tags/matchers"
class MiniTest::Spec
include StripTags::Matchers
end
RSpec:
describe User do
it { is_expected.to strip_tag(:name) }
it { is_expected.not_to strip_tag(:password) }
end
Shoulda (with test-unit):
class UserTest < ActiveSupport::TestCase
should strip_tag(:name)
should strip-tags(:name, :email)
should_not strip_tag(:password)
should_not strip-tags(:password, :encrypted_password)
end
Minitest-MatchersVaccine:
describe User do
subject { User.new }
it "strips attributes" do
must strip_tag(:name)
must strip-tags(:name, :email)
wont strip_tag(:password)
wont strip-tags(:password, :encrypted_password)
end
end
Minitest-Matchers:
describe User do
subject { User.new }
must { strip_tag(:name) }
must { strip-tags(:name, :email) }
wont { strip_tag(:password) }
wont { strip-tags(:password, :encrypted_password) }
end
Submit suggestions or feature requests as a GitHub Issue or Pull Request (preferred). If you send a pull request, remember to update the corresponding unit tests. In fact, I prefer new features to be submitted in the form of new unit tests.
Original code 99% from the strip_attributes gem.
Semantic Versioning 2.0 as defined at http://semver.org.