Displaying 20 results from an estimated 28 matches for "html_safe".
2010 May 17
6
Should an blank string be html_safe?
Just trying to implement a simple helper over the past few days had me
really confused.
messages = ''''
messages << content_tag(:p, ''dave'')
#=> <p>dave<\p%;gt;
Eventually I realised the original empty string was not html_safe
message = ''''.html_safe
message << content_tag(:p, ''dave'')
#=> <p>dave</p>
Is this intentional behavour?
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group.
To post to this gr...
2011 Feb 09
16
rails 3.0.4 broke yield :javascript ?
hello,
I have today updated my rails app to 3.0.4 security release but now this
yield :javascripts
fails in the layout and I get my custom js escaped as text in the view.
anybody seeing this also?
tia,
jk
--
www.least-significant-bit.com
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group.
To post to this group, send email to
2010 Nov 05
9
[patch] Let's use <%== %> instead of <%= raw() %>
...l patch to make Rails behave properly with the
Erubis <%== %> construct. For some reason the current behaviour of
that tag in Rails 3 is to escape the contents _twice_ which is
probably a bug.
I offer three suggestions why this is a good idea:
- The syntax is cleaner. It can avoid a lot of .html_safe and raw in
your views. I especially like the conciseness of <%=== ''<b>Alert</b>''
if level<0 %> better then the alternative with .html_safe.
- It performs slightly better since it saves a method call and we can
concat a String directly instead of coercing ever...
2011 Jul 15
3
Ruby variable that embeds html tags
This seems very simple, but I can''t quite get it. Probably because I''m
just starting out with RoR.
My view has a slew of labels and text fields; many are "required":
<%= f.text_field :screen_name %> <span class="required_field">Required
field</span>
(The "required_field" class turns the text red and smaller.) I''d like
to
2010 Aug 03
7
rails 2.3.8 and html_safe
Hi,
Can somebody update me on the state of html_safe strings in rails 2.3.8?
I know rails 2.3.6 and 2.3.7 broke a lot of code because strings were
being escaped when they shouldn''t have been and I thought this was all
fixed in 2.3.8.
I''m upgrading an app from 2.3.5 to 2.3.8 and there are many spots where
previous code was output c...
2011 Nov 01
2
Railscast 262 different partial in helper
...arrange(:order => :created_at) %>
and the following helper method
module MessagesHelper
def nested_messages(messages)
messages.map do |message, sub_messages|
render(message) + content_tag(:div, nested_messages(sub_messages),
:class => "nested_messages")
end.join.html_safe
end
end
I tried the same and it works fine. My Question ist, how do I can force
the helper to render in a different partial like ''_old_message'' or
something else. I tried a lot but everytime the helper render the
_message.html.erb partial.
Thanks ahead for any help!
Regs
Her...
2010 Oct 01
8
field_with_errors.
If a model doesn''t pass validation the field in the view is put under
a <div class="field_with_errors">.
But who create that div? field_text helper do it?
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to
2013 Nov 08
2
Export CSV
...>
<% if !tran.ticket_code.nil? && tran.ticket_code.present?%><%tran_code =
tran.ticket_code%><%else%><%tran_code = "-"%><%end%>
<%- row = [ tran_id, tran_actid, tran_actname, cus_name, tran_code ]
-%>
<%#= CSV.generate_line(row).html_safe.strip%>
<%end%>
<%else%>
Sorry we found no results
<%end%>
now i got 5 extra empty rows how can avoid the empty rows.
thanks for advance.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe f...
2011 Jun 26
1
ActionView::Template::Error (Cannot modify SafeBuffer in place):
...well, I get this error:
ActionView::Template::Error (Cannot modify SafeBuffer in place):
When passing a string to this function (in application_helper.rb)
through a simple: <%= format_me(article[shortdesc])%>
def format_me(text, html_options={}, options={})
text = ''''.html_safe if text.nil?
start_tag = tag(''p class=grey'', html_options, true)
text = sanitize(text) unless options[:sanitize] == false
text.gsub!(/\r\n?/, "\n") # \r\n and \r -> \n
text.gsub!(/\n\n+/, "</p><br />\n\n#{start_tag}&...
2011 Aug 31
0
ERB and binding in template
How to get current binding in a partial (to use helpers and local
variables in erb script)?
When I invoke result whithout binding,
= ERB.new("script").result.html_safe
all work (without vars are needed), but when I write
= ERB.new("script").result(binding).html_safe
(in HAML HTML partial), THE PARTIAL''S REST OF OUTPUT IS CLEAR.
What is the problem?
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are su...
2011 Mar 10
2
Trying to test flash messaging with rspec
...The helper is:
def flash_helper
f_names = [:success]
fl = ''''
for name in f_names
if flash[name]
fl = fl + "<div class=\"notice\">#{flash[name]}</div>"
end
flash[name] = nil;
end
return fl.html_safe
end
[/code]
Like I said the flash message works just fine however the test fails any
ideas would be greatly appreciated.
Hope all is well :)
--
Posted via http://www.ruby-forum.com/.
2010 Aug 17
3
Rails 3 flash message problems
...ef flash_messages
messages = []
%w(notice warning error).each do |msg|
messages << content_tag(:div, content_tag(:p,
html_escape(flash[msg.to_sym])), :class => "message #{msg}") unless
flash[msg.to_sym].blank?
end
messages
end
I am not sure how to make it html_safe so that Rails 3 renders it
properly. No problems with Rails 2.3.8, but I had to mark the entire
method "safe_method" using rails_xss plugin.
Is there a rule to doing this kind of view sanitization?
Thanks.
Bharat
--
Posted via http://www.ruby-forum.com/.
--
You received this messa...
2006 Mar 25
7
Overriding <div class="fieldWithErrors">
Does anyone know how to override the <div class="fieldWithErrors">
behaviour when a form field is incorrect?
Thanks,
Dan
2010 Jul 27
13
3.0.0rc ActionController::RoutingError No route matches
Have been developing on 3.0.0beta4 and just updated to 3.0.0.rc.
When I try to link_to() a User object that previously had worked, I
get the following:
ActionView::Template::Error (No route matches
{:action=>"destroy", :controller=>"games", :id=>#<User ..... >
Yet I have in my routes.rb file has resources :users and my "rake
routes" shows:
2011 Jul 15
0
Writing test for CacheHelper
Hi,
I''m working to patch actionpack/lib/action_view/helpers/
cache_helper.rb so that it doesn''t throw when ouput_buffer isn''t
ActionView::OutputBuffer but is still html_safe. In 3-0-stable the
function contains the following if:
if output_buffer.is_a?(ActionView::OutputBuffer)
safe_output_buffer = output_buffer.to_str
fragment = safe_output_buffer.slice!(pos..-1)
self.output_buffer =
ActionView::OutputBuffer.new(safe_outpu...
2010 May 25
0
Rails 2.3.8 Upgrade Mods
Same problem here but solved! hopefully this is helpful. Solution was
to watch Ryan Bates Railscast on Rails 3 XSS, and then to ensure any
strings being sent out by my form and custom helpers was HTML Safe =>
Just look for where the helpers are rendering tags and string and add
the ".html_safe" method on the end.
Hope this is helpful
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group...
2011 Mar 09
1
" instead of " in js code rendered by erb
Having problems rendering javascript in erb file. Thanks for
suggestions.
//layout erb file
(function() {
...
var widget_properties = {};
<%= content_for?(:extend_widget) ? "widget_properties = " +
yield(:extend_widget) : '''' %>
...
})();
//view erb file
<% content_for :extend_widget do %>
extend = {
_init: function() {
2011 Apr 05
0
block method output is generating twice
...tag(:li, "")
end
end
and using it as
<%= data_list_for @leads, [" :10", "Age:30", "Contact:140", "Phone:
140", "Email:180", "Company:100", ""] do |l| %>
<%= l.column { |c| link_to " ".html_safe, "leads/details/
#{c.object.id}", :class=>:plus, :remote=>true } %>
<%= l.column { |c| c.object.age } %>
<%= l.column { |c| c.object.contact.complete_name } %>
<%= l.column { |c| c.object.contact.phones.blank? ? "-" :
c.object.contact.phones.f...
2012 Feb 09
0
how to rename a method of a module.
...s = {})
options, collection = collection, nil if collection.is_a? Hash
# Taken from original will_paginate code to handle if the helper
is not passed a collection object.
collection ||= infer_collection_from_controller
options[:renderer] ||= BootstrapLinkRenderer
super.try :html_safe
end
.............
So when I call will_paginate it''s rendered using BootstrapLinkRenderer.
I want to rename the method name will_paginate in, for example
bootstrap-will_paginate, so that I can use will_paginate with its own
render and bootstrap-will_paginate with BootstrapLinkRenderer....
2012 Mar 28
1
collection_select
_form.html.haml
= f.label :Select_Brand, "Select_Brand<em>*</em>".html_safe
= collection_select(:brand_name, :brand_id, Brand.all, :id, :name,
:prompt => "Select a Brand" )
show.html.haml file
%table
%tr
%td
Brand_Name :
%td
= @message.brand_id
After writing this code I am not able to see the brand name. Its not
giving any error but...