Skip to content

FAQ#escape_html is acutally URI escape #66

eregon opened this Issue May 14, 2012 · 5 comments

3 participants

eregon commented May 14, 2012


The tip mentioned at is not right.
Rack::Utils#escape is doing URI escaping as says.

One could use CGI.escapeHTML instead:

> require 'cgi'
=> true 
> CGI.escapeHTML('<b>nice try</b>')
=> "&lt;b&gt;nice try&lt;/b&gt;" 

I also find a same problem and has send a pull request in #73.

eregon commented Jul 15, 2012

@bigwheel Thanks! I will close this then, your solution seems the best.

@eregon eregon closed this Jul 15, 2012
tedsparc commented Aug 2, 2012

Hello @eregon,

Thanks for your work on this. I noticed this issue is still visible at and it tripped me up today. Is there maybe a refresh that can be done for the public web site?

eregon commented Aug 2, 2012

@tedsparc It seems fixed at me, thanks to #73 which was pulled. Rack::Utils#escape_html seems fine to escape HTML (Rack::Utils#escape is doing URI escaping though). Do you still observe alias_method :h, :escape on that page?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.