Description
Sanitizes HTML in Rails applications so user-provided markup can be cleaned before display. It is useful for comments, rich text, CMS fields, and other places where limited HTML is allowed.
HTML sanitization is a security boundary. Define allowed tags and attributes carefully, test XSS cases, and keep sanitizer dependencies updated.