Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP


Broken escape_javascript after SafeBuffer modifications in rails 3.0.8 #1553

morgoth opened this Issue · 10 comments

7 participants

Wojciech Wnętrzak José Valim Alexander Zubkov Paul Gallagher Sven G. Brönstrup Richard Adams diogui
Wojciech Wnętrzak

After this commit: 53a2c0b
(in rails 3-0-stable branch and present in rails 3.0.8)
javascript_escape connected with rendering template is not working correctly.

<%= escape_javascript(render("partial")) %>

Partial content:

<span> Topics </span>

rails 3.0.8:

"<span> Topics span>"

rails 3.0.7:

"<span> Topics <\\/span>\\n"

You can play with this bug using sample app:

Wojciech Wnętrzak

related to #1555

José Valim

escape_javascript needs to be fixed to not use $1.

Alexander Zubkov

Same problem here

Paul Gallagher

@josevalim that's what we're doing as a monkey-patch to get by for now, however it means gsub's behaviour remains changed from ruby core doc.. not too comfortable with that. I'm trying to find a good fix to suggest on 1555.

José Valim

@tardate I don't think we can leave gsub intact. If it cannot work as in core, we will probably remove it straight away. that's why I suggest to change escape_javascript to fix the issue differently. :)

Sven G. Brönstrup

As a quick workaround you can write an initializer monkey-patching escape_javascript:

module ActionView::Helpers::JavaScriptHelper
  def escape_javascript_with_workaround(javascript)

  alias_method_chain :escape_javascript, :workaround
Richard Adams

same issue on 3.1.0.rc2

José Valim

Fixed on #1558.

José Valim josevalim closed this

Hi. I'm just starting wiht rails 3.0.8. and I came across with the same problem ... Starpeak where should I put that monkey-patching escape_javascript ? Thanks for your help and Keep on the good work guys ! Amazing chages from Rails 1 to now . Rails is getting better and better :)


I've update to the 3.0.9 version :) Wroking perfect :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.