[Rails] [OT] My html sanitizer. Comments please

Ben Munat bent at munat.com
Mon May 1 03:51:46 GMT 2006


And I apologize if I sounded snotty or if you don't understand what I'm talking about. To 
my mail reader, it appears that you posted your email by hitting "reply to" on someone 
else's mail, deleting the subject and content, typing in your stuff -- your new thread -- 
and hitting send.

Doing this sets a mail header saying that your email is a reply to an email that it's not 
a reply to. And a threaded mail reader will look at these headers and collapse everything 
that says it's a reply to another email into a threaded list.

On a list with as much volume as this one, it's very likely that a lot of people leave all 
the threads collapsed and just scan the subjects... of the emails that started the thread, 
that is. So, if you start a thread by replying to an email in a different thread, then 
your email is hidden as a reply to something it's not a reply to! Making it less likely to 
be seen.

Anyway, if that's not what you did then, well, that's weird... I don't know how else a 
completely unrelated email gets an "In-reply-to:..." header in it. If it is what you did, 
don't sweat it... just live and learn.

b


Carl Lerche wrote:
> I see... I wasn't aware that I was thread hijacking. I apologize.
> 
> -carl
> On Apr 30, 2006, at 9:42 AM, Ben Munat wrote:
> 
>> You'd probably get more comments if you didn't thread hijack.
>>
>> b
>>
>> Carl Lerche wrote:
>>
>>> For an application I am working on, I have to allow user submitted
>>> HTML (via TinyMCE). I only want to allow a tiny subset of the HTML
>>> specification. I tried to find a function that would be able to
>>> strip away the unwanted HTML tags, attributes, and styles that were
>>> submitted, but didn't find one. So, I wrote a function myself.
>>> The parameter format is similar to TinyMCE's valid_elements, but
>>> differs in that 1) it offers a lot less and 2) I wasn't exactly 100%
>>> sure about what each bit of the valid_elements in TinyMCE's
>>> documentation did.
>>> However, being a ruby newbie, I thought I would post what I came up
>>> with here for feedback and comments on improving my "rubyisms". As
>>> of now, it's still pretty limited, but suits my minimum needs. I
>>> probably will expand on it in the future, maybe convert it to a
>>> Rails plugin.
>>> And I also included a quick unit test (although I still need to
>>> expand on it)
>>> http://www.conqueredthe.us/personal/html_sanitize.zip
>>> Comments please.
>>> ------------------------------------------------------------------------
>>> _______________________________________________
>>> Rails mailing list
>>> Rails at lists.rubyonrails.org
>>> http://lists.rubyonrails.org/mailman/listinfo/rails

