html escape error messages in browser formatter

Question

html escape error messages in browser formatter

elia opened this issue 11 years ago · comments

Elia Schito commented 11 years ago

Adam Beynon · Answer 1 · Wed Jul 03 2013 17:09:51 GMT+0800 (China Standard Time)

What is the current recommended way to escape html in ruby? Does activesupport offer something here?

Elia Schito · Answer 2 · Wed Jul 03 2013 20:09:18 GMT+0800 (China Standard Time)

no, it's from ERB:

ERB::Util.html_escape string

http://elia.github.io/railsapi.com/public/doc/ruby-v2.0/classes/ERB/Util.html

Adam Beynon · Answer 3 · Sat Jul 27 2013 21:15:38 GMT+0800 (China Standard Time)

Ok, our ERB implementation should have this. ERB is now in our stdlib, so it is easy enough for opal-spec to just require('erb') and have it working. I will add this once we add the Util module to erb.

meh. · Answer 4 · Mon Jul 29 2013 17:52:30 GMT+0800 (China Standard Time)

👍 I really need this.

Adam Beynon · Answer 5 · Sun Oct 06 2013 18:03:27 GMT+0800 (China Standard Time)

This is now on master: https://github.com/opal/opal/blob/master/stdlib/erb.rb#L9. Closing.

jonerer · Answer 6 · Wed Feb 25 2015 23:17:31 GMT+0800 (China Standard Time)

Great! How do I use this now? I notice "h" and "html_escape" are not available in my templates