Module: ERB::Util
- Included in:
- ActionView::Base, ActionView::Helpers::FormOptionsHelper, ActionView::Helpers::TagHelper
- Defined in:
- lib/action_view/erb/util.rb
Constant Summary collapse
- HTML_ESCAPE =
{ '&' => '&', '>' => '>', '<' => '<', '"' => '"' }
- JSON_ESCAPE =
{ '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
Class Method Summary collapse
-
.h ⇒ Object
A utility method for escaping HTML tag characters.
-
.html_escape(s) ⇒ Object
A utility method for escaping HTML tag characters.
-
.j ⇒ Object
A utility method for escaping HTML entities in JSON strings.
-
.json_escape(s) ⇒ Object
A utility method for escaping HTML entities in JSON strings.
Class Method Details
.h ⇒ Object
A utility method for escaping HTML tag characters. This method is also aliased as h
.
In your ERb templates, use this method to escape any unsafe content. For example:
<%=h @person.name %>
Example:
puts html_escape("is a > 0 & a < 10?")
# => is a > 0 & a < 10?
22 23 24 |
# File 'lib/action_view/erb/util.rb', line 22 def html_escape(s) s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] } end |
.html_escape(s) ⇒ Object
A utility method for escaping HTML tag characters. This method is also aliased as h
.
In your ERb templates, use this method to escape any unsafe content. For example:
<%=h @person.name %>
Example:
puts html_escape("is a > 0 & a < 10?")
# => is a > 0 & a < 10?
17 18 19 |
# File 'lib/action_view/erb/util.rb', line 17 def html_escape(s) s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] } end |
.j ⇒ Object
A utility method for escaping HTML entities in JSON strings. This method is also aliased as j
.
In your ERb templates, use this method to escape any HTML entities:
<%=j @person.to_json %>
Example:
puts json_escape("is a > 0 & a < 10?")
# => is a \u003E 0 \u0026 a \u003C 10?
40 41 42 |
# File 'lib/action_view/erb/util.rb', line 40 def json_escape(s) s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] } end |
.json_escape(s) ⇒ Object
A utility method for escaping HTML entities in JSON strings. This method is also aliased as j
.
In your ERb templates, use this method to escape any HTML entities:
<%=j @person.to_json %>
Example:
puts json_escape("is a > 0 & a < 10?")
# => is a \u003E 0 \u0026 a \u003C 10?
36 37 38 |
# File 'lib/action_view/erb/util.rb', line 36 def json_escape(s) s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] } end |