It depends.
If the strings are entered by the user you should stay away from using
html_safe because you open your application to html injection attacks.
If the strings come from a trusted source, it is OK to use html_safe.
On Dec 18, 5:50 pm, Linus Pettersson <linus.petters...@gmail.com>
wrote:
> Hi!
>
> I'm importing lots of products via XML. Some characters like the swedish å,
> ä, ö are encoded as å for instance. When I print it I just append
> .html_safe to make it appear correct.
>
> Is this a good and safe approach or should I convert the characters in some
> other way?
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
No comments:
Post a Comment