Monday, September 1, 2014
From a lengthy discussion on #RubyOnRails@freenode.net, I am wondering about something. The *_path and *_url methods return plain String objects, not an ActiveSupport::SafeBuffer. If something is passed into (say) link_to that contains an escapable character, such as & in a query string, link_to will escape it.
-- I haven't encountered people putting .html_safe on *_path methods before, so I didn't know about this. Is this something well-known? Is it expected? My assumption was that it would have been html_safe.
Anyone have any thoughts on this?
Example:
>> app.glucose_readings_path(:hello => true, :goodbye=> false)
=> "/glucose_readings?goodbye=false&hello=true"
>> app.glucose_readings_path(:hello => true, :goodbye=> false).class
=> String < Object
>> foo.link_to "hi", app.glucose_readings_path(:hello => true, :goodbye=> false)
=> "<a href=\"/glucose_readings?goodbye=false&hello=true\">hi</a>"
>> foo.link_to "hi", app.glucose_readings_path(:hello => true, :goodbye=> false).html_safe
=> "<a href=\"/glucose_readings?goodbye=false&hello=true\">hi</a>"
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAHUC_t9kcbh-3ZL7c9SSZx_XGM665UrUsi6CiFKe3rVG7dxvKA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment