Convert html entities? Just use html_safe?


I’m importing lots of products via XML. Some characters like the swedish å, ä, ö are encoded as å for instance. When I print it I just append .html_safe to make it appear correct.

Is this a good and safe approach or should I convert the characters in some other way?

It depends.

If the strings are entered by the user you should stay away from using html_safe because you open your application to html injection attacks.

If the strings come from a trusted source, it is OK to use html_safe.