Module: ActionView::Helpers::JavaScriptHelper
- Included in:
- ActionView::Helpers
- Defined in:
- lib/action_view/helpers/javascript_helper.rb
Constant Summary collapse
- JS_ESCAPE_MAP =
{ '\\' => '\\\\', "</" => '<\/', "\r\n" => '\n', "\n" => '\n', "\r" => '\n', '"' => '\\"', "'" => "\\'", "`" => "\\`", "$" => "\\$" }
Instance Method Summary collapse
-
#escape_javascript(javascript) ⇒ Object
(also: #j)
Escapes carriage returns and single and double quotes for JavaScript segments.
-
#javascript_cdata_section(content) ⇒ Object
:nodoc:.
-
#javascript_tag(content_or_options_with_block = nil, html_options = {}, &block) ⇒ Object
Returns a JavaScript tag with the
content
inside.
Instance Method Details
#escape_javascript(javascript) ⇒ Object Also known as: j
Escapes carriage returns and single and double quotes for JavaScript segments.
Also available through the alias j(). This is particularly helpful in JavaScript responses, like:
$('some_element').replaceWith('<%= j render 'some/element_template' %>');
29 30 31 32 33 34 35 36 37 |
# File 'lib/action_view/helpers/javascript_helper.rb', line 29 def escape_javascript(javascript) javascript = javascript.to_s if javascript.empty? result = "" else result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|\342\200\251|[\n\r"']|[`]|[$])/u, JS_ESCAPE_MAP) end javascript.html_safe? ? result.html_safe : result end |
#javascript_cdata_section(content) ⇒ Object
:nodoc:
92 93 94 |
# File 'lib/action_view/helpers/javascript_helper.rb', line 92 def javascript_cdata_section(content) #:nodoc: "\n//#{cdata_section("\n#{content}\n//")}\n".html_safe end |
#javascript_tag(content_or_options_with_block = nil, html_options = {}, &block) ⇒ Object
Returns a JavaScript tag with the content
inside. Example:
javascript_tag "alert('All is good')"
Returns:
<script>
//<![CDATA[
alert('All is good')
//]]>
</script>
html_options
may be a hash of attributes for the <script>
tag.
javascript_tag "alert('All is good')", defer: 'defer'
Returns:
<script defer="defer">
//<![CDATA[
alert('All is good')
//]]>
</script>
Instead of passing the content as an argument, you can also use a block in which case, you pass your html_options
as the first parameter.
<%= javascript_tag defer: 'defer' do -%>
alert('All is good')
<% end -%>
If you have a content security policy enabled then you can add an automatic nonce value by passing nonce: true
as part of html_options
. Example:
<%= javascript_tag nonce: true do -%>
alert('All is good')
<% end -%>
76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/action_view/helpers/javascript_helper.rb', line 76 def javascript_tag( = nil, = {}, &block) content = if block_given? = if .is_a?(Hash) capture(&block) else end if [:nonce] == true [:nonce] = content_security_policy_nonce end content_tag("script", javascript_cdata_section(content), ) end |