Class Index [+]

Quicksearch

ERB::Util

Constants

HTML_ESCAPE
JSON_ESCAPE

Public Class Methods

h(s) click to toggle source
Alias for: html_escape
html_escape(s) click to toggle source

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERB templates, use this method to escape any unsafe content. For example:

  <%=h @person.name %>

Example:

  puts html_escape("is a > 0 & a < 10?")
  # => is a &gt; 0 &amp; a &lt; 10?
    # File lib/active_support/core_ext/string/output_safety.rb, line 19
19:       def html_escape(s)
20:         s = s.to_s
21:         if s.html_safe?
22:           s
23:         else
24:           s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe
25:         end
26:       end
Also aliased as: h
j(s) click to toggle source
Alias for: json_escape
json_escape(s) click to toggle source

A utility method for escaping HTML entities in JSON strings using uXXXX JavaScript escape sequences for string literals:

  json_escape("is a > 0 & a < 10?")
  # => is a \u003E 0 \u0026 a \u003C 10?

Note that after this operation is performed the output is not valid JSON. In particular double quotes are removed:

  json_escape('{"name":"john","created_at":"2010-04-28T01:39:31Z","id":1}')
  # => {name:john,created_at:2010-04-28T01:39:31Z,id:1}

This method is also aliased as j, and available as a helper in Rails templates:

  <%=j @person.to_json %>
    # File lib/active_support/core_ext/string/output_safety.rb, line 64
64:     def json_escape(s)
65:       result = s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
66:       s.html_safe? ? result.html_safe : result
67:     end
Also aliased as: j

Private Instance Methods

h(s) click to toggle source
Alias for: html_escape
html_escape(s) click to toggle source

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERB templates, use this method to escape any unsafe content. For example:

  <%=h @person.name %>

Example:

  puts html_escape("is a > 0 & a < 10?")
  # => is a &gt; 0 &amp; a &lt; 10?
    # File lib/active_support/core_ext/string/output_safety.rb, line 19
19:       def html_escape(s)
20:         s = s.to_s
21:         if s.html_safe?
22:           s
23:         else
24:           s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe
25:         end
26:       end
Also aliased as: h
j(s) click to toggle source
Alias for: json_escape
json_escape(s) click to toggle source

A utility method for escaping HTML entities in JSON strings using uXXXX JavaScript escape sequences for string literals:

  json_escape("is a > 0 & a < 10?")
  # => is a \u003E 0 \u0026 a \u003C 10?

Note that after this operation is performed the output is not valid JSON. In particular double quotes are removed:

  json_escape('{"name":"john","created_at":"2010-04-28T01:39:31Z","id":1}')
  # => {name:john,created_at:2010-04-28T01:39:31Z,id:1}

This method is also aliased as j, and available as a helper in Rails templates:

  <%=j @person.to_json %>
    # File lib/active_support/core_ext/string/output_safety.rb, line 64
64:     def json_escape(s)
65:       result = s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
66:       s.html_safe? ? result.html_safe : result
67:     end
Also aliased as: j

Disabled; run with --debug to generate this.

[Validate]

Generated with the Darkfish Rdoc Generator 1.1.6.