Displaying 20 results from an estimated 20000 matches similar to: "Best Practices: Escaping text on input or output?"
2006 Jul 14
2
how to get builder 2.0 to escape attributes in rxml
I am using rxml to produce opml files and need to escape ampersands in
the attributes.
builder 2.0 docs found at http://builder.rubyforge.org/ show the
following
xml = Builder::XmlMarkup.new
xml.sample(:escaped=>"This&That", :unescaped=>:"Here&There")
xml.target! =>
<sample escaped="This&That"
2006 Aug 15
4
escaping html?
Hi
I have a wysiwyg html editor in my app. How do I escape html written to the
database and encoding when I display the content?
Ty
Pieter
2006 Jan 23
9
Web Hosting Options?
Can someone recommend a good web host for ROR?
--
Posted via http://www.ruby-forum.com/.
2006 Jan 31
2
New free IBM DB2 with few restrictions
This will give you something to run on when Oracle refuses to renew
the MySQL InnoDB license next year.....
Linux and Windows versions
You can run DB2 Express-C on up to 2 dual-core CPU servers, with up to
4 GB of memory, any storage system setup and with no restrictions on
database size or any other artificial restrictions.
Business partners may choose to register for free redistribution of
2006 Jan 19
10
Where to place uploaded files for later download?
Hi there,
I am working in a RoR application which allows certain users
to upload files. Currently I store these files
in a directory called "files". This directory is located in
the RoR application directory:
rails/rails_application/files
So users don't have access to them.
Now I want users to be able to download some of these files
(they will search based on some
2006 Jan 12
2
ActionController#send_file
Looking at the code for ActionController#send_file I see that it is
using ruby to send the file contents. Linux supports a sendfile() OS
call. The implementation of Linux sendfile() is extremely fast and
very CPU efficient, far faster than what can be done in user space.
Does Windows support a sendfile() equivalent call? I haven't been
working with ruby long enough to know how it handles
2004 Feb 07
1
double define of __BIT_TYPES_DEFINED__
/klibc/klibc/include/bits32/bitsize/stdint.h:8: error: redefinition of `int8_t'
/klibc/linux/include/linux/types.h:109: error: `int8_t' previously declared here
The copy in stdint.h is not protected by:
#ifndef __BIT_TYPES_DEFINED__
#define __BIT_TYPES_DEFINED__
#endif /* !(__BIT_TYPES_DEFINED__) */
=====
Jon Smirl
jonsmirl@yahoo.com
2007 Jun 18
7
Testing for cross site scripting, etc.
Being new to testing and ruby, are there "standard" tests that can be
done that test for things like cross site scripting and friends?
If not, anyone have ideas on what I might do about testing those sorts
of things?
I'll be using rails, also.
Mike B.
2004 Oct 16
1
0.184 -- gcc: warning: `-x c' after last input file has no effect
What do I need to do to fix this?
[jonsmirl@smirl klibc-0.184]$ make
make[1]: Entering directory `/home/dri/klibc-0.184/klibc'
gcc -Wp,-MT,syscalls.nrs,-MD,./.syscalls.nrs.d -mregparm=3 -DREGPARM=3
-march=i386 -Os -g -falign-functions=0 -falign-jumps=0 -falign-loops=0
-nostdinc -iwithprefix include -D__KLIBC__ -DBITSIZE=32
-I../include/arch/i386 -I../include/bits32 -I../include
2006 Jan 14
12
Dedicated Host Recommendations?
I currently have a dedicated server at ev1servers, but
it's getting rather antiquated (Redhat 9) and am
looking to upgrade. I'm thinking about serverbeach.com
- one of their CentOS servers. Anybody have any
recommendations for dedicated servers on which to run
Rails? Hopefully less than $200/month.
Thanks!
CSN
2006 Jan 17
2
file_column plugin and instance variables
To make file_column work I have to copy my local variable back to an
instance variables like this:
<% for product in @products
@product = product %>
<div class="catalogentry">
<%= image_tag url_for_file_column('product', 'image_url') %></p>
This is needed because file_column specifically looks for the instance
2008 May 27
2
mbox From escaping implementation ?
Hello,
I read in the wiki (http://wiki.dovecot.org/MailboxFormat/mbox) about
"From Escaping":
"Dovecot doesn't currently do this escaping however. Instead it
prevents this confusion by adding Content-Length headers so it knows
later where the next message begins. Dovecot doesn't either remove the
'>' characters before sending the data to clients. Both of these
2006 Jan 22
9
ERROR: undefined method `h' for ERB::Util:Module
ERROR: undefined method `h' for ERB::Util:Module
i get above error when i use
ERB::Util.h(content)
in my controller's action.
can any one tell me how to use this 'h' method within controller?
thanks,
Jigar Gosar
http://jigar.org
2006 Jan 15
7
Dreaded Internal 500 Error on DreamHost.
Hey guys,
I often get this problem the first time I try to deploy a rails app
on dreamhost and I'm not sure what the cause is. Basically, I have
an app that's running fine on my local machine. I've uploaded the
app, configured and migrated to the latest version of the db, and set
all of the necessary directories to 755. But when I run dispatch.rb
in ssh or
2006 Jan 14
4
Rails URLs always try to open non-existent files
The lighttpd config file is set up like this...
Rails url: //host/controller/method/id
Lighttpd tries to open the file 'controller/method/id' from the document root.
Of course this doesn't work and generates an error 404
This gets caught with: server.error-handler-404 = "/dispatch.fcgi"
Which turns the request into "/dispatch.fcgi"
That gets caught
2014 Oct 31
6
[PATCH 0/3] WIP readline escaping functions
From: Maros Zatko <hacxman@gmail.com>
Auxiliary functions for readline to support space character escaping
in filenames in future.
Escaping function is taken from fish.c (used to be parse_quoted_string)
plus its un-escaping counterpart. There are a few tests for both.
Maros Zatko (3):
fish: rl.{c,h} - escaping functions for readline
fish: basic tests for readline escaping
autotools:
2010 Nov 05
9
[patch] Let's use <%== %> instead of <%= raw() %>
I've submitted a small patch to make Rails behave properly with the
Erubis <%== %> construct. For some reason the current behaviour of
that tag in Rails 3 is to escape the contents _twice_ which is
probably a bug.
I offer three suggestions why this is a good idea:
- The syntax is cleaner. It can avoid a lot of .html_safe and raw in
your views. I especially like the conciseness of
2006 Jan 13
4
FastCGI processes sometimes 'hang'
I am running a RoR application on Apache 1.3/RedHat 7.3/MySQL 3.1.23
(Old versions I know, but upgrading to latest versions are not practical
for a number of reasons). There are 5 RoR FastCGI processes configured
using FastCgiServer.
What I am finding is that, after a while, some of the FastCGI processes
seem to 'hang'. They no longer process requests, and the only way to
2006 Nov 22
1
to_absolute_uri typo in 0.6.3?
I just started using Mechanize, and started using Ruby about thirty
seconds before that, but one of the sites I'm scraping does a redirect
on form submission to a badly-formed relative URL:
index.cfm?action=bing&bang=boom=1|a=|b=|c= (etc.)
Interestingly, Mechanize 0.6.2 handled this OK, but in 0.6.3 this causes
a URI::InvalidURIError exception from URI.parse() in to_absolute_uri
2006 Jul 19
11
Hosting a Ruby App From Home - Approach?
Hi,
Any advice/comments on the potential for hosting some personal Ruby
applications from home? (i.e. for learning, sharing with friends etc)
Would the basic concept be:
* Need to buy a static IP address from your ISP
* Buy a domain name and point it to the static IP address
* Run Apache as the front end web server
- Q: What basic lockdown/security steps should one take?
* Perform a PORT