Skip to content

change to output_safety.rb 2.3.16 causes HTML escape codes to show up in form fields for webkit-based browsers #9145

Closed
morgancurrie opened this Issue Feb 1, 2013 · 0 comments

2 participants

@morgancurrie

Single quotes have been added to the HTML_ESCAPE hash in output_safety.rb, but they are currently being replaced with their hex code equivalent (& #x27;), which Chrome/Safari will display as-is in the form field. If they are replaced with the decimal equiv (& #39;) instead, the browser will properly display a single quote in their place, as is already done with other escaped characters (& gt;, & amp;, etc.).

I've submitted a pull request with the tweak here: #9144

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.