如何在Ruby中限制Markdown语法?

本文介绍了如何在Ruby中限制Markdown语法?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我希望使用 Maraku 或 Kramdown .我需要限制用户可以提交的Markdown功能.在此系统中，不允许用户插入图像，html或进行任何繁重的编辑，但是强调和超链接是可以的.

I wish to implement Markdown in a Rails CMS comments system using a Ruby library such as Maraku or Kramdown. I need to restrict which Markdown features the users can submit. In this system users aren't allowed to insert to images, html, or perform any heavy editing, but emphasis and hyperlinks are okay.

本质上，我希望创建类似于此纺织过滤器，但适用于Markdown语法.

Essentially, I wish to create something similar to this Textile filter, but for Markdown syntax.

推荐答案

我一直在降价转换之后使用第二步，使用消毒宝石.它基于白名单并且非常可配置，您可以轻松实现它所追求的目标.

I have been using a second step after the markdown trasformation to sanitize the data using the sanitize gem. Its white-list based and very configurable, you could easily achieve what you are after with it.

为节省您的时间，这是我的文本格式化程序模块，希望它对您有所帮助.内置的宽松规则对我来说太严格了.

To save you some time, here is my text formatter module, hope it helps you out. The built-in relaxed rule was a bit too strict for me.

module TextFormatter
  require 'sanitize'

  module Formatters
    MARKDOWN = 1
    TEXTILE = 2
  end

  RELAXED = {
      :elements => [
        'a', 'b', 'blockquote', 'br', 'caption', 'cite', 'code', 'col',
        'colgroup', 'dd', 'dl', 'dt', 'em', 'i', 'img', 'li', 'ol', 'p', 'pre',
        'q', 'small', 'strike', 'strong', 'sub', 'sup', 'table', 'tbody', 'td',
        'tfoot', 'th', 'thead', 'tr', 'u', 'ul', 'del', 'ins', 'h1', 'h2', 'h3', 'h4', 'h5', 'h5', 'hr', 'kbd'],

      :attributes => {
        'a'          => ['href', 'title'],
        'blockquote' => ['cite'],
        'col'        => ['span', 'width'],
        'colgroup'   => ['span', 'width'],
        'img'        => ['align', 'alt', 'height', 'src', 'title', 'width'],
        'ol'         => ['start', 'type'],
        'q'          => ['cite'],
        'table'      => ['summary', 'width'],
        'td'         => ['abbr', 'axis', 'colspan', 'rowspan', 'width'],
        'th'         => ['abbr', 'axis', 'colspan', 'rowspan', 'scope',
                         'width'],
        'ul'         => ['type']
      },

      :protocols => {
        'a'          => {'href' => ['ftp', 'http', 'https', 'mailto',
                                    :relative]},
        'blockquote' => {'cite' => ['http', 'https', :relative]},
        'img'        => {'src'  => ['http', 'https', :relative]},
        'q'          => {'cite' => ['http', 'https', :relative]}
      }
    }



  def self.to_html(text, formatter = Formatters::MARKDOWN)
    return "" unless text

    html = case formatter
           when Formatters::MARKDOWN then
             RDiscount.new(text, :smart).to_html
           when Formatters::TEXTILE then
             RedCloth.new(text).to_html
           end

    Sanitize.clean(html, RELAXED)
  end
end

这篇关于如何在Ruby中限制Markdown语法?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！

1403页，肝出来的..