-
Notifications
You must be signed in to change notification settings - Fork 21.6k
-
Notifications
You must be signed in to change notification settings - Fork 21.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Shouldn't tag helpers use single quotes? #9927
Comments
Why it doesn't work. Could you put the generated HTML? |
Sure! Single Quotes </br>
<input type='hidden' name='c1' value='''>
<input type='hidden' name='c2' value='"'>
hidden_field_tag </br>
<input id="c1" name="c1" type="hidden" value="'" />
<input id="c2" name="c2" type="hidden" value=""" />
double quotes </br>
<input type='hidden' name='c1' value="'">
<input type='hidden' name='c1' value="""> This is how it's parsed by Firefox: Single Quotes
<br>
<input type="hidden" value="'" name="c1">
<input type="hidden" value=""" name="c2">
hidden_field_tag
<br>
<input id="c1" type="hidden" value="'" name="c1">
<input id="c2" type="hidden" "="" value="" name="c2">
double quotes
<br>
<input type="hidden" value="'" name="c1">
<input type="hidden" "="" value="" name="c1"> This is the erb code: <% c1 ="'" %>
<% c2='"' %>
Single Quotes </br>
<input type='hidden' name='c1' value='<%= h c1 %>'>
<input type='hidden' name='c2' value='<%= h c2 %>'>
hidden_field_tag </br>
<%= hidden_field_tag :c1, c1 %>
<%= hidden_field_tag :c2, c2 %>
double quotes </br>
<input type='hidden' name='c1' value="<%= h c1 %>">
<input type='hidden' name='c1' value="<%= h c2 %>"> |
Ever since b6ab441 we escape single and double quotes. I'm not sure if you have a library installed which is messing with things:
and my generated html is: <input id="c1" name="c1" type="hidden" value="'" />
<input id="c2" name="c2" type="hidden" value=""" /> What version of rails and libraries are you using? |
Good point. I should have tried on the console 😳 |
I have Rails 3.2.11. On the Rails console I get
Which libraries should I check?
|
No idea. Try bootstrap-sass, cells, roo. I'm closing this issue since it is not a Rails issue. Thank you report. If you need any extra helper or found a solution please comment on this issue. |
Suppose we have
This works.
However,
or
doesn't. Basically, due to the way html_escape works, it seems that using single quotes to wrap values in the tag helpers makes it possible to use all string values as attributes.
The text was updated successfully, but these errors were encountered: