blob: 87cb09952cb0891d6001bf568d4b38d71dfdd5ba (
plain) (
tree)
|
|
require 'erb'
class ERB
module Util
HTML_ESCAPE = { '&' => '&', '"' => '"', '>' => '>', '<' => '<' }
# A utility method for escaping HTML tag characters.
# This method is also aliased as <tt>h</tt>.
#
# In your ERb templates, use this method to escape any unsafe content. For example:
# <%=h @person.name %>
#
# ==== Example:
# puts html_escape("is a > 0 & a < 10?")
# # => is a > 0 & a < 10?
def html_escape(s)
s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
end
end
end
module ActionView
module TemplateHandlers
class ERB < TemplateHandler
def compile(template)
::ERB.new(template, nil, @view.erb_trim_mode).src
end
end
end
end
|