{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 放我归山 的问题《Only Allow Video Embed Codes (Rails)》','https://www.manongdao.com/q-595102.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I was wondering if anyone knew of a way to only allow embed codes like ones from youtube, vimeo, blip.tv, etc. into a form field? I have a form on my site that allow users to embed a video but I only want them to add the embed code html and nothing else dangerous like JS or additional html. Is there any tool out there that can do this or can this be done with just a regular expression? Thank you
相关问题
- Question marks after images and js/css files in ra
- Using :remote => true with hover event
- Eager-loading association count with Arel (Rails 3
- Date with SimpleDateFormat in Java
- Is there a way to remove IDV Tags from an AIFF fil
相关文章
- embed 循环播放MP3文件(loop="2"变成无限循环)
- Angular Material Stepper causes mat-formfield to v
- Right way to deploy Rails + Puma + Postgres app to
- How to create a MediaClip from RenderTargetBitmap
- Why doesn't Django enforce my unique_together
- AWS S3 in rails - how to set the s3_signature_vers
- how to call a active record named scope with a str
- How to add a JSON column in MySQL with Rails 5 Mig
You can possibly try the sanitize helper at http://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html with some tweaks.