Encourage html-safe API in layouts/rendering guide #30734
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a second pass at #30576 /cc @georgeclaghorn
Summary
While the code example was not unsafe, it encourages the use of confusingly unsafe APIs
(specifically
html_safe
). We have a safe alternative and we should encourage people to useit.
I don't know if there is an open issue for this, but a quick search doesn't reveal one.
Other Information
I've added:
I'm not sure if the language is OK or whether or not it should link to https://github.com/rails/rails/blob/b9ecb5797b97ba557a70efd66d2ff2c22501723f/guides/source/active_support_core_extensions.md#output-safety for more details.