tags:

views:

22

answers:

1
Q: 

Allowing embed tags but watching for dangerous code in Rails?

I have an option for people to store an embed link to Vimeo or YouTube as part of their profile. I'm storing it in an embed_link:string in my DB. What do I need to be careful of so people only post those links and not dangerous javascript or anything else?

A: 

I think this might answer your question: http://stackoverflow.com/questions/1970903/only-allow-video-embed-codes-rails

Galen  2010-08-05 21:53:35

related questions

Embed xsl into an XML file
Is it possible to embed an AS3 swf in a DIV layered above an embedded AS2 swf?
How to Disable AutoLoad for <embed>?
Embed Tag in HTML - How can I know in Javascript that the .wav file is done playing?
Best way to embed flash in html
Embedding an application inside another application
How to embed a swf on top of a html page?
Embedding XULRunner application on Java
Embedding web browser window in Java
How to use javascript to swap swf in html?
How can I remove a swf file that's embedded in html using a button in the swf?
Embedding Opera in Cocoa
Can HTML embed<> stop mp3s from automatically downloading?
How to embed fonts in HTML?
How to Safely Accept Pasted <embed> Code (PHP)
How do I show an embedded excel file in a WebPage?
How to dynamically change the "src" or "data" for a PDF Object / Embed file using JavaScript?
Which Javascript engine would you Embed in an application?
In Flex/AS3, how do I get a class definition of an embedded asset with getDefinitionByName
Accessing hidden embedded quicktime audio
Linking directly to a SWF, what are the downsides?
How to safely embed any flash file (swf)?
Embed Powerpoint into HTML
What are effective options for embedding video in an ASP.NET web site?
Embedding Windows Media Player for all Browsers