XSS Sanitizer
acts_as_sanitiled
A modernized version of Chris Wansthrath's venerable acts_as_textiled. It automatically textiles and then sanitizes columns to your specification. Ryan Grove's excellent Sanitize gem with nokogiri provides the backend for speedy and robust filtering of your output in order to: restrict Textile to a subset of HTML, guarantee well-formedness, and of course prevent XSS.
mdalessio-dryopteris
Dryopteris erythrosora is the Japanese Shield Fern. It also can be used to sanitize HTML to help prevent XSS attacks.
xss_shield
This Rails plugin provides automatic cross site scripting (XSS) protection for your views. Once installed, you no longer have to manually and painstakingly sanitize all your views with HTML escaping.
jmcnevin-dryopteris
Dryopteris erythrosora is the Japanese Shield Fern. It also can be used to sanitize HTML to help prevent XSS attacks.
disinfect_url
A gem to sanitize URLs or HTML href attributes within <a> tags to help prevent XSS attacks.
schwabsauce-merb_dm_xss_terminate
Plugin that auto-sanitizes data before it is saved in your DataMapper models