A utility method for escaping HTML tag characters. This method is also aliased as h.
In your ERB templates, use this method to escape any unsafe content. For example:
<%=h @person.name %>
puts html_escape("is a > 0 & a < 10?") # => is a > 0 & a < 10?
# File lib/active_support/core_ext/string/output_safety.rb, line 20 20: def html_escape(s) 21: s = s.to_s 22: if s.html_safe? 23: s 24: else 25: s.encode(s.encoding, :xml => :attr)[1...1].html_safe 26: end 27: end
A utility method for escaping HTML entities in JSON strings using uXXXX JavaScript escape sequences for string literals:
json_escape("is a > 0 & a < 10?") # => is a \u003E 0 \u0026 a \u003C 10?
Note that after this operation is performed the output is not valid JSON. In particular double quotes are removed:
json_escape('{"name":"john","created_at":"2010-04-28T01:39:31Z","id":1}') # => {name:john,created_at:2010-04-28T01:39:31Z,id:1}
This method is also aliased as j, and available as a helper in Rails templates:
<%=j @person.to_json %>
# File lib/active_support/core_ext/string/output_safety.rb, line 65 65: def json_escape(s) 66: result = s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] } 67: s.html_safe? ? result.html_safe : result 68: end
A utility method for escaping HTML tag characters. This method is also aliased as h.
In your ERB templates, use this method to escape any unsafe content. For example:
<%=h @person.name %>
puts html_escape("is a > 0 & a < 10?") # => is a > 0 & a < 10?
# File lib/active_support/core_ext/string/output_safety.rb, line 20 20: def html_escape(s) 21: s = s.to_s 22: if s.html_safe? 23: s 24: else 25: s.encode(s.encoding, :xml => :attr)[1...1].html_safe 26: end 27: end
A utility method for escaping HTML entities in JSON strings using uXXXX JavaScript escape sequences for string literals:
json_escape("is a > 0 & a < 10?") # => is a \u003E 0 \u0026 a \u003C 10?
Note that after this operation is performed the output is not valid JSON. In particular double quotes are removed:
json_escape('{"name":"john","created_at":"2010-04-28T01:39:31Z","id":1}') # => {name:john,created_at:2010-04-28T01:39:31Z,id:1}
This method is also aliased as j, and available as a helper in Rails templates:
<%=j @person.to_json %>
# File lib/active_support/core_ext/string/output_safety.rb, line 65 65: def json_escape(s) 66: result = s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] } 67: s.html_safe? ? result.html_safe : result 68: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.