# Validates the +monavis_embed+ attribute of a record: when a value is supplied
# it must match the MonAvis pattern below, otherwise an :invalid error is added
# on :base.
class MonAvisEmbedValidator < ActiveModel::Validator
  # @param record [Object] model exposing +monavis_embed+ and +errors+
  # @return [void]
  def validate(record)
    embed_code = record.monavis_embed
    # A blank embed code is accepted; the format check only applies when one is given.
    return unless embed_code.present?

    # The embed code must not be an arbitrary string, to avoid injections.
    # NOTE(review): as written here the pattern is unanchored, so it matches any
    # value that merely contains "Je donne mon avis"; the leading/trailing \s*
    # and Regexp::MULTILINE (which only changes how "." matches) add no
    # constraint. Whatever surrounds the phrase is not checked by this
    # validator, so the stored value should still be treated as untrusted
    # wherever it is rendered. Confirm the intended pattern and whether it
    # should be anchored with \A ... \z.
    expected_format = Regexp.new('\s*Je donne mon avis\s*', Regexp::MULTILINE)
    return if expected_format.match?(embed_code)

    record.errors.add :base, :invalid, message: "Le code fourni ne correspond pas au format des codes MonAvis reconnus par la plateforme."
  end
end