html escape error messages in browser formatter
elia opened this issue · comments
Elia Schito commented
Adam Beynon commented
What is the current recommended way to escape html in ruby? Does activesupport offer something here?
Elia Schito commented
no, it's from ERB:
ERB::Util.html_escape string
http://elia.github.io/railsapi.com/public/doc/ruby-v2.0/classes/ERB/Util.html
Adam Beynon commented
Ok, our ERB implementation should have this. ERB is now in our stdlib, so it is easy enough for opal-spec to just require('erb')
and have it working. I will add this once we add the Util
module to erb.
meh. commented
👍 I really need this.
Adam Beynon commented
This is now on master: https://github.com/opal/opal/blob/master/stdlib/erb.rb#L9. Closing.
jonerer commented
Great! How do I use this now? I notice "h" and "html_escape" are not available in my templates