how to tackle <script> tag?

you could escape the content via &lth;

or

you could use the 'h' or 'sanatize' methods in the template. << should
be automatic almost all of the time

h(str):

escapes all html

sanitize(str):

escapes script tags, form tags and javascript attributes (ie.
onclick="alert('hi')"

however as of rails 2.0 (maybe 1.2.4 even) sanitize can take parameters
to specify unique filter options.

Keynan Pratt wrote:

you could escape the content via &lth;

or

you could use the 'h' or 'sanatize' methods in the template. << should
be automatic almost all of the time

could you please write some syntax?
thanks