Rails - Dec 2011 - 2.3.8 v. 3.1.1 text escaping

In a view I emit a 12 character string "abc<br />def".

In 2.3.8 "abc<br />def" is rendered.

In 3.1.1 "abc\&lt;br /\&gt;def" is rendered.

The 2.3.8 behavior is what I want.  How do I get it?

Ralph Shnelvar

-- 
Posted via http://www.ruby-forum.com/.

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

I''m answering my own question.

This is an issue with HAML.  The relevant statement comes from
http://haml-lang.com/docs/yardoc/file.HAML_REFERENCE.html

- - -
Haml supports Rails’ XSS protection scheme, which was introduced in
Rails 2.3.5+ and is enabled by default in 3.0.0+. If it’s enabled,
Haml’s :escape_html option is set to true by default - like in ERB, all
strings printed to a Haml template are escaped by default. Also like
ERB, strings marked as HTML safe are not escaped. Haml also has its own
syntax for printing a raw string to the template.
- - -

In the document cited above, there are hyperlinks to how to turn escapin
on and off.

Bascially, the leading = in a HAML statement needs to be cahntged to a
!= in order to turn off escaping.

Just another gotcha in the struggle to upgrade from 2.3.8 to 3.1.1.

-- 
Posted via http://www.ruby-forum.com/.

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.