diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2010-10-18 13:58:57 -0200 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2010-10-18 13:59:56 -0200 |
commit | 330327eeecd3666a7b9b407e804b36cb1bc3cb48 (patch) | |
tree | bb2ed398e59ef6a073ebd44f7bd09739a9a63c06 /actionpack/lib/action_view/helpers/form_helper.rb | |
parent | df044ec4ace106b05a1db40a9c14addeafe0dd7a (diff) | |
download | rails-330327eeecd3666a7b9b407e804b36cb1bc3cb48.tar.gz rails-330327eeecd3666a7b9b407e804b36cb1bc3cb48.tar.bz2 rails-330327eeecd3666a7b9b407e804b36cb1bc3cb48.zip |
Call html_escape in ERB::Util module and don't mix it in in the helpers
Diffstat (limited to 'actionpack/lib/action_view/helpers/form_helper.rb')
-rw-r--r-- | actionpack/lib/action_view/helpers/form_helper.rb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/actionpack/lib/action_view/helpers/form_helper.rb b/actionpack/lib/action_view/helpers/form_helper.rb index b34a74788e..d6e175c7e8 100644 --- a/actionpack/lib/action_view/helpers/form_helper.rb +++ b/actionpack/lib/action_view/helpers/form_helper.rb @@ -5,6 +5,7 @@ require 'action_view/helpers/form_tag_helper' require 'active_support/core_ext/class/inheritable_attributes' require 'active_support/core_ext/hash/slice' require 'active_support/core_ext/object/blank' +require 'active_support/core_ext/string/output_safety' module ActionView # = Action View Form Helpers @@ -907,7 +908,7 @@ module ActionView end options["type"] ||= field_type options["value"] = options.fetch("value"){ value_before_type_cast(object) } unless field_type == "file" - options["value"] &&= html_escape(options["value"]) + options["value"] &&= ERB::Util.html_escape(options["value"]) add_default_name_and_id(options) tag("input", options) end @@ -943,7 +944,7 @@ module ActionView options["cols"], options["rows"] = size.split("x") if size.respond_to?(:split) end - content_tag("textarea", html_escape(options.delete('value') || value_before_type_cast(object)), options) + content_tag("textarea", ERB::Util.html_escape(options.delete('value') || value_before_type_cast(object)), options) end def to_check_box_tag(options = {}, checked_value = "1", unchecked_value = "0") |