I have a json formatted arg that I pass to a view helper, but the HTML gets escaped. I need it not to. I''m on Rails 2.3.6=8, I''ve tried using rails_xss and using raw and html_safe but it doesn''t make a difference. How do I not escape the argument? See http://gist.github.com/613780 for more details. Thanks! Ramon Tayag -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Frederick Cheung
2010-Oct-09 09:49 UTC
Re: Not escaping arguments passed on to view helpers
On Oct 9, 10:43 am, Ramon Tayag <ramon.ta...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> I have a json formatted arg that I pass to a view helper, but the HTML > gets escaped. I need it not to. I''m on Rails 2.3.6=8, I''ve tried using > rails_xss and using raw and html_safe but it doesn''t make a > difference. How do I not escape the argument? Seehttp://gist.github.com/613780for more details. >I think the html safe mostly worries about < and > and so on. Looking at your example it looks like the correct thing is happening - if those quotes marks weren''t escaped you''d have <textarea cols="50" data-bespinoptions="{ "syntax": "js" }" which isn''t right. Fred> Thanks! > Ramon Tayag-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Ramon Tayag
2010-Oct-10 13:31 UTC
Re: Re: Not escaping arguments passed on to view helpers
Yes, that wouldn''t be, but how about: <textarea cols="50" data-bespinoptions=''{ "syntax": "js" }'' Ramon Tayag On Sat, Oct 9, 2010 at 5:49 PM, Frederick Cheung <frederick.cheung-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > > On Oct 9, 10:43 am, Ramon Tayag <ramon.ta...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > I have a json formatted arg that I pass to a view helper, but the HTML > > gets escaped. I need it not to. I''m on Rails 2.3.6=8, I''ve tried using > > rails_xss and using raw and html_safe but it doesn''t make a > > difference. How do I not escape the argument? Seehttp:// > gist.github.com/613780for more details. > > > > I think the html safe mostly worries about < and > and so on. > Looking at your example it looks like the correct thing is happening - > if those quotes marks weren''t escaped you''d have > > <textarea cols="50" data-bespinoptions="{ "syntax": "js" }" > > which isn''t right. > > Fred > > Thanks! > > Ramon Tayag > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org<rubyonrails-talk%2Bunsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org> > . > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.