From a lengthy discussion on #RubyOnRails@freenode.net, I am wondering about something. The *_path and *_url methods return plain String objects, not an ActiveSupport::SafeBuffer. If something is passed into (say) link_to that contains an escapable character, such as & in a query string, link_to will escape it.
I haven’t encountered people putting .html_safe on *_path methods before, so I didn’t know about this. Is this something well-known? Is it expected? My assumption was that it would have been html_safe.
Anyone have any thoughts on this?
Example:
app.glucose_readings_path(:hello => true, :goodbye=> false)
=> “/glucose_readings?goodbye=false&hello=true”
app.glucose_readings_path(:hello => true, :goodbye=> false).class
=> String < Object
foo.link_to “hi”, app.glucose_readings_path(:hello => true, :goodbye=> false)
=> “<a href="/glucose_readings?goodbye=false&hello=true">hi”
foo.link_to “hi”, app.glucose_readings_path(:hello => true, :goodbye=> false).html_safe
=> “<a href="/glucose_readings?goodbye=false&hello=true">hi”