January Savings:  20% Off On All Plans + 3 Months of Platinum Support
Days
Hours
Minutes
Seconds
x

New Froala Editor v5.0.0 is here โ€“ Learn More

Pricing
Get Started
Skip to content
Froala Documentation

Ruby File Validation

How it works

  1. The file gets uploaded to your server.
  2. Before storing the file on disk, it is being validated on server side.

Jump to Complete Example

File Upload

In the Server Upload article we explain the steps to upload an file on your server. When you insert an file in the rich text editor, you can validate its format. However that check is done only on the filename and not on the mime type. We recommend to make additional checks on server side just to make sure that users don't upload files in bad formats.

Validate Extension

The WYSIWYG editor's Ruby SDK comes with the possibility to check the file extension when it is being stored on the disk. Additional to the file name extension, it is using the mime type of the file for better accuracy.

class UploadController < ActionController::Base

  ...

  def upload_file
    options: {
      fieldname: 'file',
      validation: {
        allowedExts: [".txt", ".pdf", ".doc", ".json", ".html"],
        allowedMimeTypes: [ "text/plain", "application/msword", "application/x-pdf", "application/pdf", "application/json","text/html" ]
      }
    }

    # Upload the file.
    FroalaEditorSDK::File.upload(params, "public/uploads/files/", options)
  end

  ...

end

Custom Validation

You can also pass a custom method instead of validating the extension and mime type. This gives you full control on what types of files you want to store on disk. Below is an example of how to validate if a file is smaller than 10Mb.

class UploadController < ActionController::Base

  ...

  def upload_file
    options: {
      validation: Proc.new do |file, type|
        if File.size(file) > 10 * 1024 * 1024
          raise 'File size exceeded'
        end
      end
    })
    render :json => FroalaEditorSDK::File.upload(params, "public/uploads/files/", options)
  end

  ...

end

Complete Example

<script>
  new FroalaEditor('.selector', {
    // Set the file upload URL.
    fileUploadURL: '/upload_file',

    fileUploadParams: {
      id: 'my_editor'
    }
  })
</script>

class UploadController < ActionController::Base

  ...

  def upload_file
    options = {
      fieldname: 'file',
      validation: {
        allowedExts: [".txt", ".pdf", ".doc", ".json", ".html"],
        allowedMimeTypes: [ "text/plain", "application/msword", "application/x-pdf", "application/pdf", "application/json","text/html" ]
      }
    }
    render :json => FroalaEditorSDK::File.upload(params, "public/uploads/files/")
  end

  ...

end
Ruby SDK Image Reference

Do you think we can improve this article? Let us know.

Ready to dive in? Explore our plans

See plans
Sign up

Sign up

Download the code by signing up for our newsletter

Sign up

Download the code by signing up for our newsletter

Note: By registering, you confirm that you agree to the processing of your personal data by Froala, Inc. - Froala as described in the Privacy Statement. Froala, Inc. - Froala is part of the Idera group and may share your information with its parent company Idera, Inc., and its affiliates. For further details on how your data is used, stored, and shared, please review our Privacy Statement.
Froala WYSIWYG Editor advertisement with a large blue circle covering a corner of the ad and three bullet points.