Rails 3 safe strings

I am trying to convert my Rails 2.3.5 app to 2.3.8 and then to Rails 3.0 Currently, I am upgrading to Rails 2.3.8. The default escaping behavior is causing all kinds of problems.

I have installed the rails_xss plugin from the following url: http://github.com/rails/rails_xss

And am trying to follow the directions in readme.

I have a form builder which has the following method:

def field_label(field_name, *args)     options = args.extract_options!     options.reverse_merge!(:required => field_required?(field_name))     options[:label_class] = "required" if options[:required]     t_label = options.delete(:label)     t_label = (t_label.nil? ? field_name.to_s.humanize.titleize : t_label)     if object.errors.invalid? field_name       temp_label = t_label + ": " +         @template.content_tag(:span, ([object.errors.on(field_name)].flatten.first.sub(/^\^/, '')), :class => 'error_message')     else       temp_label = t_label     end     label(field_name, temp_label.html_safe, :class => options[:label_class])   end

I cannot seem to get the method above not escape the error text when I intentionally try to submit a required field with an empty value. I get an output as shown below:

Client Name: can't be blank <span class='field_error'><input id="client_client_name" name="client[client_name]" size="30" type="text" value="" /></span>

See if the string in the <span> element is not being interpreted? How can this be done? Is there a method to this madness?

Thanks for your time.

Bharat

Please disregard. This was my error. I had a field_error method in one of my initializer classes as shown below:

ActionView::Base.field_error_proc = Proc.new do |html_tag, instance_tag|   if html_tag =~ /type="hidden"/ || html_tag =~ /<label/     html_tag   else     "<span class='field_error'>#{html_tag}</span>".html_safe   end end

I had simply forgotten to mark the return string as html_safe.

I am going to sleep before I ask too many "dumb" questions.

Thanks.

Bharat