Rails 3 Forces HTML Escape of Forms

dlamet · May 13, 2011, 3:26am

I have a legacy application I ported from Rails 2.x. I found that the escaping was occurring where it shouldn't, like in creation of forms, and I couldn't turn it off. I found two mechanisms that should have disabled it, a function safe_html, which is supposed to mark a string as not needing to be escaped. The other is raw, which similarly indicates that a string should be output in its raw form, even if it's not safe HTML. Neither of these mechanisms seem to function for me. Anyone know of something I might have done to muck up this functionality? Is there a problematic gem possibly?

Dan

Michael_Pavling · May 13, 2011, 7:32am

Without knowing what gems you're using, or showing some code snippets from your views, and maybe the associated controller action, and generated HTML, it's going to be very vague speculation at best...

Adam8 · May 14, 2011, 3:27am

Are you using helper methods to output the HTML? If so, you can mark them as safe by adding

safe_helper :helper_method_name

in the helper file. Then I believe they won't be escaped.

Adam Stegman

Topic		Replies	Views
rails 2.3.8 and html_safe rubyonrails-talk	7	160	August 3, 2010
Problem: Form Helper HTML Command Escaping rubyonrails-core	3	171	June 9, 2010
Rails 3 and html_safe rubyonrails-talk	4	163	May 17, 2010
Rails form helpers uses "escape_once" causing undesirable behavior rubyonrails-core	3	158	October 1, 2009
Prevent Helper Automatically Escaping String rubyonrails-talk	8	199	August 3, 2010

Rails 3 Forces HTML Escape of Forms

Related topics

More Resources