dave4c03-QCUsDIA/pEqe8kRwQpwjMg@public.gmane.org
2010-May-08 02:37 UTC
Rail2 and Rails3 beta3 process <%= ''<h1>hello</h1>'' %> differently
Rail2 and Rails3 beta3 process <%=
''<h1>hello</h1>'' %> differently.
Rails3 must use <%= capture {''<h1>hello</h1>''}
%> to get the same
result as Rails2
Is this intentional or is it a bug?
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
Kieran P
2010-May-08 08:12 UTC
Re: Rail2 and Rails3 beta3 process <%= ''<h1>hello</h1>'' %> differently
Rails 3 escapes content by default now. See http://www.railsdispatch.com/posts/security for more details. So, now you have to use either: <%=raw ''<h1>hello</h1>'' %> Or: <%= ''<h1>hello</h1>''.html_safe %> Regards Kieran On May 8, 2:37 pm, "dave4...-QCUsDIA/pEqe8kRwQpwjMg@public.gmane.org" <dave.hurr...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Rail2 and Rails3 beta3 process <%= ''<h1>hello</h1>'' %> differently. > > Rails3 must use <%= capture {''<h1>hello</h1>''} %> to get the same > result as Rails2 > > Is this intentional or is it a bug?-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.