Does your show.html.erb have: <%=h ...stuff... %> If so, you need to remove the h. Let me know! :) ~Dustin Tigner On Jul 26, 11:09 am, Clinton Beattie <rails-mailing-l...@andreas- s.net> wrote:> Hi, > > I initially posted this in the Rails Deployment section by accident. > > I have set up TinyMCE as an inkine javascript text editor on my text > areas, but when I open show.html.erb it renders out, for example, bold > tags as "<strong>Get</strong>" in the actual browser as opposed to > "Get". > > Can someone please shed some light on this? > > This is in my ''notes'' controller... > > def show > @note = Note.find(params[:id]) > > respond_to do |format| > format.html # show.html.erb > format.xml { render :xml => @note } > end > end > > Thanks in advanced. > C > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hi Dustin, Yeah it did include the "h" and a I removed it and it worked. THANKS!!! Why did this work and what was the "h" for. Bit of a newbie. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hey Clinton, I''m glad that solved your problem. I as well am a Rails newbie and hitting a dead end is no fun. The ''h'' as I recall stands for ''helper''. It sterilizes the output for possibly harmful code. That''s why you would see <strong>get</strong> instead of just ''get''. Good luck on your projects! ~Dustin Tigner On Jul 26, 12:19 pm, Clinton Beattie <rails-mailing-l...@andreas- s.net> wrote:> Hi Dustin, > > Yeah it did include the "h" and a I removed it and it worked. THANKS!!! > > Why did this work and what was the "h" for. Bit of a newbie. > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Clinton Beattie wrote:> Hi Dustin, > > Yeah it did include the "h" and a I removed it and it worked. THANKS!!! > > Why did this work and what was the "h" for. Bit of a newbie.Be aware that you just opened your Rails app up to XSS attacks. By allowing HTML and turning off filtering, you''ve allowed users to post arbitrary HTML which can do anything from mess up the formatting of the site to steal session cookies. This might not be a problem if the only users who can write to this model are trusted users, but it''s something to keep in mind for the future. This is one of the advantages of a markup language like RedCloth. You can filter HTML and still allow users to post content with markup. Though, RedCloth itself can be used for other malicious things but its impact is limited. -- Michael Morin Guide to Ruby http://ruby.about.com/ Become an About.com Guide: beaguide.about.com About.com is part of the New York Times Company --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Thanks for that advice. For the time being it''s okay, I think, as this is for a Admin area and the users will be clients. Best, C -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---