Security issue in app

Hi,
I am facing a following problem:-
I have app in which user can edit his/her personal information and we
are showing it on browser. Some of users has added
"<script>alert('Hack');</script>" javascript in name textbox. Due to
this whenever I am showing name on browser it is executing the script
and giving javascript alert.
Can anyone tell me how to fix this? Is there any plugin avaliable?

Thanks,
Tushar

<%=h @text_from_user %>

The point is 'h' helper.
http://guides.rubyonrails.org/getting_started.html - will be very
useful to read.
Good luck.

Hi,
    Use rails HTML escaping method - html_escape(s) or h(s) to fix that
issue.

Thanks,
Priyanka Pathak

Thanks Priyanka
It is working.
Priyanka Pathak wrote: