Sanitize content with a new TrixScrubber

specifically made for trix editor with its allowed tags

app/services/trix_scrubber.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class TrixScrubber < Rails::Html::PermitScrubber
+  ALLOWED_TAGS = ["p", "b", "strong", "em", "i", "a", "u", "br", "del", "h1", "blockquote", "pre",
+                  "ul", "ol", "li"].freeze
+  ALLOWED_ATTRIBUTES = ["href", "target", "src", "alt"].freeze
+
+  def initialize
+    super
+    self.tags = ALLOWED_TAGS
+    self.attributes = ALLOWED_ATTRIBUTES
+  end
+end

app/views/shopping_shared/tabs/_custom.html.haml

@@ -1,3 +1,3 @@
 .content
   .row
-    = @distributor.custom_tab.content.html_safe if @distributor.custom_tab&.content.present?
+    = sanitize(@distributor.custom_tab&.content, scrubber: TrixScrubber.new)