Methods

Class/Module Index [+]

Quicksearch

ActionView::Helpers::OutputSafetyHelper

Public Instance Methods

raw(stringish) click to toggle source

This method outputs without escaping a string. Since escaping tags is now default, this can be used when you don’t want Rails to automatically escape tags. This is not recommended if the data is coming from the user’s input.

For example:

<%=raw @user.name %>

# File lib/action_view/helpers/output_safety_helper.rb, line 15
def raw(stringish)
  stringish.to_s.html_safe
end
safe_join(array, sep=$,) click to toggle source

This method returns a html safe string similar to what Array#join would return. All items in the array, including the supplied separator, are html escaped unless they are html safe, and the returned string is marked as html safe.

safe_join(["<p>foo</p>".html_safe, "<p>bar</p>"], "<br />")
# => "<p>foo</p>&lt;br /&gt;&lt;p&gt;bar&lt;/p&gt;"

safe_join(["<p>foo</p>".html_safe, "<p>bar</p>".html_safe], "<br />".html_safe)
# => "<p>foo</p><br /><p>bar</p>"
# File lib/action_view/helpers/output_safety_helper.rb, line 30
def safe_join(array, sep=$,)
  sep ||= "".html_safe
  sep = ERB::Util.html_escape(sep)

  array.map { |i| ERB::Util.html_escape(i) }.join(sep).html_safe
end

[Validate]

Generated with the Darkfish Rdoc Generator 2.