Ruby 's Truncate MS 워드 코드를 unsanitizes

Question

누군가가 이것을 눈치 채지 만 궁금한 점이 있지만 때때로 단어를 붙여 넣는 WYSIWYG가 있습니다. 단어 소독제가 있지만 모든 사람이 천재가 아닙니다.

다른 텍스트를 구문 분석하면 올바르게 표시됩니다. 하지만 자르면 msword 코드가 나타납니다.

왜 사람이 잘리지 않는 이유를 알고 있습니까? 누구든지 동시에 위생 처리 및 절단 방법을 알고 있습니까?

UPDATE :

≪! [If Gte Mso 9]>≪Xml> ≪Br /> ≪O:Office Document Settings> ≪Br /> ≪O:Allow Png/> ≪Br /> ≪/O:Office Document Settings> ≪Br />≪/Xml>≪![Endif] >≪! [If Gte Mso 9]>≪Xml> ≪Br /> ≪W:Word Document> ≪Br /> ≪W:Zoom>0≪/W:Zoom> ≪Br /> ≪W:Track Moves>False≪/W:Track Moves> ≪Br /> ≪W:Track Formatting/> ≪Br /> ≪W:Punctuation Kerning/> ≪Br /> ≪W:Drawing Grid Horizontal Spacing>18 Pt≪/W:Drawing Grid Horizontal Spacing> ≪Br /> ≪W:Drawing Grid Vertical Spacing>18 Pt≪/W:Drawing Grid Vertical Spacing> ≪Br /> ≪W:Display Horizontal Drawing Grid Every>0≪/W:Display Horizontal Drawing Grid Every> ≪Br /> ≪W:Display Vertical Drawing Grid Every>0≪/W:Display Vertical Drawing Grid Every> ≪Br /> ≪W:Validate Against Schemas/> ≪Br /> ≪W:Save If Xml Invalid>False≪/W:Save If Xml Invalid> ≪Br /> ≪W:Ignore Mixed Content>False≪/W:Ignore Mixed Content> ≪Br /> ≪W:Always Show Placeholder Text>False≪/W:Always Show Placeholder Text> ≪Br /> ≪W:Compatibility> ≪Br /> ≪W:Break Wrapped Tables/> ≪Br /> ≪W:Dont Grow Autofit/> ≪Br /> ≪W:Dont Autofit Constrained Tables/> ≪Br /> ≪W:Dont Vert Align In Txbx/> ≪Br /> ≪/W:Compatibility> ≪Br /> ≪/W:Word Document> ≪Br />≪/Xml>≪![Endif] >≪! [If Gte Mso 9]>≪Xml> ≪Br /> ≪W:Latent Styles Def Locked State="False" Latent Style Count="276"> ≪Br /> ≪/W:Latent Styles> ≪Br />≪/Xml>≪![Endif] > ≪! {Cke Protected}%3 C!%2 D%2 D%7 Bcke Protected%7 D%253 C!%252 D%252 D%257 Bcke Protected%257 D%25253 C!%25252 D%25252 D%25257 Bcke Protected%25257 D%2525253 C!%2525252 D%2525252 D%2525257 Bcke Protected%2525257 D%252525253 C!%252525252 D%252525252 D%252525257 Bcke Protected%252525257 D%25252525253 C!%25252525252 D%25252525252 D%25252525257 Bcke Protected%25252525257 D%2525252525253 C!%2525252525252 D%2525252525252 D%2525252525250 A%25252525252520%2525252525252 F*%25252525252520 Font%25252525252520 Definitions%25252525252520*%2525252525252 F%2525252525250 A%25252525252540font Face%2525252525250 A%25252525252509%2525252525257 Bfont Family%2525252525253 A Times%2525252525253 B%2525252525250 A%25252525252509panose 1%2525252525253 A2%252525252525200%252525252525205%252525252525200%252525252525200%252525252525200%252525252525200%252525252525200%252525252525200%252525252525200%2525252525253 B%2525252525250 A%25252525252509mso Font Charset%2525252525253 A0%2525252525253 B%2525252525250 A%25252525252509mso Generic Font Family%2525252525253 Aauto%2525252525253 B%2525252525250 A%25252525252509mso Font Pitch%2525252525253 Avariable%2525252525253 B%2525252525250 A%25252525252509mso Font Signature%2525252525253 A3%252525252525200%252525252525200%252525252525200%252525252525201%252525252525200%2525252525253 B%2525252525257 D%2525252525250 A%25252525252540font Face%2525252525250 A%25252525252509%2525252525257 Bfont Family%2525252525253 A Verdana%2525252525253 B%2525252525250 A%25252525252509panose 1%2525252525253 A2%2525252525252011%252525252525206%252525252525204%25 

모든 것은 긴 600 자입니다 :

가 여기에 msword로 레이블의 예 내가 절단 한 후 표시되는입니다. 이 첫 번째 200 정도입니다 : I에 유래의 도움으로 만든 살균제 여기

“Excellent” – The New York Times    

“4 Stars” - The Star-Ledger                  

“Best Romantic Restaurant” – Suburban Essex 

“Best View” – OpenTable 



In December 1986, the Knowles opened Highlawn after months of restoration to the former open-air “casino” which had, along with the now-prosperous park, been neglected for several years. 

사용자 정의입니다 :

def sanitized_text(text) 
    sanitized = text.gsub(/≪[^>]*>/, '') 
end 

이 소독제의 문제점은 I가 절단 후 빈 공백을 반환 것입니다 125 자. 나는 600 자로 그것을 확장했고, 또 다른 msword 조건문 인 한 줄을 얻는다.

업데이트 : 이것은 msword 콘텐츠를 생성하는 코드입니다. 난 그냥이를 넣어

는

= truncate(organization.about_us, 125) 

참고 :이 잘 나오는

= organization.about_us 

하지만, 물론 잘리지 않습니다. 나는 또한이를 추가해야

는/루비 1.8.7 당신이 분할 태그와 엔티티를 끝낼 수 있기 때문에 HTML을 자르는 진짜 번거 로움이 항상 2.3.5

Answer 1

레일. 적절한 UTF-8 처리가 없으면 2 바이트 문자를 반으로 잘라 낼 위험이 있습니다.

def sanitized_text(text) 
    sanitized = text.gsub(/≪[^>]*?>/, '') 
end 

* 표시 :

조심하는 또 다른 것은

지나치게 욕심 정규 표현식입니까? 일치하는 최소값을 캡처합니다. 여기서 *는 가장 큰 일치를 캡처합니다. 예를 들어

:

<A><B> 

이는 "<"로 그룹화 할 수 있습니다, "A> < B"및 ">"잘못된 표현으로 끝날 경우.

편집 : 나는 이것을 재현하려했지만 행운이 없었습니다.

이 예에서는 텍스트를 붙여 넣고 살균 처리하여 모든 것이 정상적으로 나타납니다.,

<!-- app/views/example/index.html.erb --> 
<body> 
    <strong>Original</strong> 
    <div> 
    <%= sanitized_text(@text) %> 
    </div> 
    <strong>Truncated</strong> 
    <div> 
    <%= truncate(sanitized_text(@text), :length => 125) %> 
    </div> 
    <strong>Truncated With Deprecated Option</strong> 
    <div> 
    <%= truncate(sanitized_text(@text), 125) %> 
    </div> 
</body> 

이

루비 1.8.7p174와 OS X에 있던 테스트에 WEBrick을 사용하여 2.3.5 레일 :

# app/controllers/example_controller.rb 
class ExampleController < ApplicationController 
    def index 
    @text = '&Lt;! [If Gte Mso 9]>&Lt;Xml> &Lt;Br /> &Lt;O:Office Document Settings> &Lt;Br /> &Lt;O:Allow Png/> &Lt;Br /> &Lt;/O:Office Document Settings> &Lt;Br />&Lt;/Xml>&Lt;![Endif] >&Lt;! [If Gte Mso 9]>&Lt;Xml> &Lt;Br /> &Lt;W:Word Document> &Lt;Br /> &Lt;W:Zoom>0&Lt;/W:Zoom> &Lt;Br /> &Lt;W:Track Moves>False&Lt;/W:Track Moves> &Lt;Br /> &Lt;W:Track Formatting/> &Lt;Br /> &Lt;W:Punctuation Kerning/> &Lt;Br /> &Lt;W:Drawing Grid Horizontal Spacing>18 Pt&Lt;/W:Drawing Grid Horizontal Spacing> &Lt;Br /> &Lt;W:Drawing Grid Vertical Spacing>18 Pt&Lt;/W:Drawing Grid Vertical Spacing> &Lt;Br /> &Lt;W:Display Horizontal Drawing Grid Every>0&Lt;/W:Display Horizontal Drawing Grid Every> &Lt;Br /> &Lt;W:Display Vertical Drawing Grid Every>0&Lt;/W:Display Vertical Drawing Grid Every> &Lt;Br /> &Lt;W:Validate Against Schemas/> &Lt;Br /> &Lt;W:Save If Xml Invalid>False&Lt;/W:Save If Xml Invalid> &Lt;Br /> &Lt;W:Ignore Mixed Content>False&Lt;/W:Ignore Mixed Content> &Lt;Br /> &Lt;W:Always Show Placeholder Text>False&Lt;/W:Always Show Placeholder Text> &Lt;Br /> &Lt;W:Compatibility> &Lt;Br /> &Lt;W:Break Wrapped Tables/> &Lt;Br /> &Lt;W:Dont Grow Autofit/> &Lt;Br /> &Lt;W:Dont Autofit Constrained Tables/> &Lt;Br /> &Lt;W:Dont Vert Align In Txbx/> &Lt;Br /> &Lt;/W:Compatibility> &Lt;Br /> &Lt;/W:Word Document> &Lt;Br />&Lt;/Xml>&Lt;![Endif] >&Lt;! [If Gte Mso 9]>&Lt;Xml> &Lt;Br /> &Lt;W:Latent Styles Def Locked State="False" Latent Style Count="276"> &Lt;Br /> &Lt;/W:Latent Styles> &Lt;Br />&Lt;/Xml>&Lt;![Endif] > &Lt;! {Cke Protected}%3 C!%2 D%2 D%7 Bcke Protected%7 D%253 C!%252 D%252 D%257 Bcke Protected%257 D%25253 C!%25252 D%25252 D%25257 Bcke Protected%25257 D%2525253 C!%2525252 D%2525252 D%2525257 Bcke Protected%2525257 D%252525253 C!%252525252 D%252525252 D%252525257 Bcke Protected%252525257 D%25252525253 C!%25252525252 D%25252525252 D%25252525257 Bcke Protected%25252525257 D%2525252525253 C!%2525252525252 D%2525252525252 D%2525252525250 A%25252525252520%2525252525252 F*%25252525252520 Font%25252525252520 Definitions%25252525252520*%2525252525252 F%2525252525250 A%25252525252540font Face%2525252525250 A%25252525252509%2525252525257 Bfont Family%2525252525253 A Times%2525252525253 B%2525252525250 A%25252525252509panose 1%2525252525253 A2%252525252525200%252525252525205%252525252525200%252525252525200%252525252525200%252525252525200%252525252525200%252525252525200%252525252525200%2525252525253 B%2525252525250 A%25252525252509mso Font Charset%2525252525253 A0%2525252525253 B%2525252525250 A%25252525252509mso Generic Font Family%2525252525253 Aauto%2525252525253 B%2525252525250 A%25252525252509mso Font Pitch%2525252525253 Avariable%2525252525253 B%2525252525250 A%25252525252509mso Font Signature%2525252525253 A3%252525252525200%252525252525200%252525252525200%252525252525201%252525252525200%2525252525253 B%2525252525257 D%2525252525250 A%25252525252540font Face%2525252525250 A%25252525252509%2525252525257 Bfont Family%2525252525253 A Verdana%2525252525253 B%2525252525250 A%25252525252509panose 1%2525252525253 A2%2525252525252011%252525252525206%252525252525204%2' 
    end 
end 

# app/helpers/example_helper.rb 
module ExampleHelper 
    def sanitized_text(text) 
    text.gsub(/&Lt;[^>]*>/, '') 
    end 
end 

뷰 자체는 꽤 많이 당신이 가진 것입니다.