четверг, 21 апреля 2011 г.

is your html_safe?

Is it only me here who thinks that adding rails_xss was rather сruel changing to rails 2.3.6? Moving to new version becomes into a little guided tour to discomfort. Maybe html_safe and raw helpers can cope with problem, but not always. Xml builder (and this means that rss and atom builders too) for some reason escapes html without checking on its safeness. Searching google doesn't provide me with the answer what to do, so I found out two possible solutions. The first is to rewrite all xml builder files into erb templates, but this can take time. Another solution is to create initializer with simple code:
class String
def html_safe?
true
end
end

Anyway it is only temporal solution if you want to move to rails 3.

Комментариев нет:

Отправить комментарий