Gaius
2008-Oct-30 17:03 UTC
url_for does not honor :escape => false when generating URLs from routes
Executive summary:
:escape => false is only used in UrlHelper''s :url_for. It is not
passed to RoutSet''s :generate, and thus not to the Route or its
Segments. Thus, regardless of the :escape setting, generating a URL
from a route (named or otherwise) will always escape each segment, and
thus the whole path.
Problem in detail:
I have a Tag class, and I''d like routes like
/tags/java
/tags/c++
etc.
The problem comes in with tags that have a period, forward-slash,
question mark, or octothorp in them, since any of those can indicate
the end of a path segment. Thus, I have
class Tag ...
def to_param
URI::encode self.name, /[\/.?#]/
end
end
The problem is that the resulting %xy is always double-escaped to
%25xy.
Possible solutions:
1. pass :escape to Segment. I believe the offending method is
DynamicSegment''s :interpolation_chunk.
2. do no escaping in Segment; only do escaping in UrlHelper and/or
UrlWriter.
I''m not sure of the ramifications of either. Suggestions?
-Gaius
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Core" group.
To post to this group, send email to rubyonrails-core@googlegroups.com
To unsubscribe from this group, send email to
rubyonrails-core+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-core?hl=en
-~----------~----~----~----~------~----~------~--~---
Michael Koziarski
2008-Nov-01 11:53 UTC
Re: url_for does not honor :escape => false when generating URLs from routes
> 1. pass :escape to Segment. I believe the offending method is > DynamicSegment''s :interpolation_chunk. > 2. do no escaping in Segment; only do escaping in UrlHelper and/or > UrlWriter. > I''m not sure of the ramifications of either. Suggestions?This has been like this for a while, so I''d like to hold off doing either of these things until we ship a 2.2 final release. However ''fundamentally'' it seems wrong to me that you have to do escaping in your .to_param method, you should be able to return whatever from those and rely on the fact that it''ll get escaped deeper in the routing machinery. Moving it out of the dynamic segment will probably be tricky as there''s a lot of information there that other areas don''t have access to. But basically, if we focus on the desired API, and choose our solution from that, we''ll come up with a nice location for the fix. -- Cheers Koz --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to rubyonrails-core@googlegroups.com To unsubscribe from this group, send email to rubyonrails-core+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---