Sha256: dc63e7bf224748dfbbdc57a5588525efed209e95a0d77c73954f7803250cb1f4
Contents?: true
Size: 1.33 KB
Versions: 2
Compression:
Stored size: 1.33 KB
Contents
require 'active_support/core_ext/string/output_safety'
module ActionView #:nodoc:
# = Action View Raw Output Helper
module Helpers #:nodoc:
module OutputSafetyHelper
# This method outputs without escaping a string. Since escaping tags is
# now default, this can be used when you don't want Rails to automatically
# escape tags. This is not recommended if the data is coming from the user's
# input.
#
# For example:
#
# raw @user.name
# # => 'Jimmy <alert>Tables</alert>'
def raw(stringish)
stringish.to_s.html_safe
end
# This method returns an HTML safe string similar to what <tt>Array#join</tt>
# would return. The array is flattened, and all items, including
# the supplied separator, are HTML escaped unless they are HTML
# safe, and the returned string is marked as HTML safe.
#
# safe_join([raw("<p>foo</p>"), "<p>bar</p>"], "<br />")
# # => "<p>foo</p><br /><p>bar</p>"
#
# safe_join([raw("<p>foo</p>"), raw("<p>bar</p>")], raw("<br />")
# # => "<p>foo</p><br /><p>bar</p>"
#
def safe_join(array, sep=$,)
sep = ERB::Util.unwrapped_html_escape(sep)
array.flatten.map! { |i| ERB::Util.unwrapped_html_escape(i) }.join(sep).html_safe
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| actionview-5.0.0.beta3 | lib/action_view/helpers/output_safety_helper.rb |
| actionview-5.0.0.beta2 | lib/action_view/helpers/output_safety_helper.rb |