Skip to content

Commit

Permalink
Make HTML escaping work as expected. Note: Don't get why the outer ht…
Browse files Browse the repository at this point in the history 
…ml_safe-call isn't enough. =S
  • Loading branch information
@grimen @josevalim
grimen authored and josevalim committed Jul 23, 2010
1 parent bcc442b commit fb02665
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/simple_form/inputs/base.rb
View file
Expand Up @@ -39,7 +39,7 @@ def render
send(component)
end
content.compact!
wrap(content.join).html_safe
wrap(content.join.html_safe).html_safe
end

protected
Expand Down

4 comments on commit fb02665

@adzap
Copy link

@adzap adzap commented on fb02665 Jul 23, 2010

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's because content_tag will escape any content string unless it is already marked html_safe. It uses the overridden ERB::Util.html_escape method which now checks for the html_safe flag first before escaping.

@vinibaggio
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!!! I was trying to fix that myself but couldn't find the source of the problem...

@grimen
Copy link
Author

@grimen grimen commented on fb02665 Jul 23, 2010

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adzap: OK, I didn't know that. Thanks for the expanation!

@vinibaggio: I was actually wondering if I was the only one. :)

@vinibaggio
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@grimen: Thanks a lot!! :)

Please sign in to comment.