Module | ERB::Util |
In: |
lib/action_view/template_handlers/erb.rb
|
HTML_ESCAPE | = | { '&' => '&', '>' => '>', '<' => '<', '"' => '"' } |
JSON_ESCAPE | = | { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' } |
A utility method for escaping HTML tag characters. This method is also aliased as h.
In your ERb templates, use this method to escape any unsafe content. For example:
<%=h @person.name %>
puts html_escape("is a > 0 & a < 10?") # => is a > 0 & a < 10?
A utility method for escaping HTML entities in JSON strings. This method is also aliased as j.
In your ERb templates, use this method to escape any HTML entities:
<%=j @person.to_json %>
puts json_escape("is a > 0 & a < 10?") # => is a \u003E 0 \u0026 a \u003C 10?