<?xml version="1.0" encoding="UTF-8"?>
<post>
  <body>Hi sirs,&lt;br /&gt; another important feature that we need to use is the 'sanitize' helper. This Ruby on Rails helper filters HTML nodes and attributes and strips invalid protocols. In our case we use it in the simplest way:&lt;br /&gt; &lt;code&gt;&amp;lt;%= sanitize(post.body) %&amp;gt;&lt;/code&gt;&lt;br /&gt; Alternatively, you can pass the ':tags' and ':attributes' options for custom use, so that only the HTML tags and attributes listed there are allowed to be interpreted.&lt;br /&gt; It is another little tip that helps against malicious posts or comments containing JavaScript code, or comments with a different encoding. Here is the Rails API link for more information about this: &lt;a href=&quot;http://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#M000936&quot; title=&quot;Sanitize Helper&quot; target=&quot;_blank&quot;&gt;SanitizeHelper&lt;/a&gt;.&lt;br /&gt; See you.</body>
  <created-at type="datetime">2008-01-14T13:08:17Z</created-at>
  <id type="integer">12</id>
  <permalink>html-filtering-with-sanitize-helper</permalink>
  <title>HTML Filtering with sanitize helper</title>
  <updated-at type="datetime">2008-04-18T10:03:20Z</updated-at>
  <user-id type="integer">3</user-id>
</post>
