From a lengthy discussion on #rubyonrails@freenode.net, I am wondering
about something. The *_path and *_url methods return plain String objects,
not an ActiveSupport::SafeBuffer. If something is passed into (say) link_to
that contains an escapable character, such as & in a query string, link_to
will escape it.

I haven't encountered people putting .html_safe on *_path methods before,
so I didn't know about this. Is this something well-known? Is it expected?
My assumption was that it would have been html_safe.

Anyone have any thoughts on this?

Example:
app.glucose_readings_path(:hello => true, :goodbye=> false)
=> "/glucose_readings?goodbye=false&hello=true"
app.glucose_readings_path(:hello => true, :goodbye=> false).class
=> String < Object
foo.link_to "hi", app.glucose_readings_path(:hello => true, :goodbye=>
false)
=> "<a href=\"/glucose_readings?goodbye=false&amp;hello=true\">hi</a>"
foo.link_to "hi", app.glucose_readings_path(:hello => true, :goodbye=>
false).html_safe
=> "<a href=\"/glucose_readings?goodbye=false&hello=true\">hi</a>"

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAHUC_t9kcbh-3ZL7c9SSZx_XGM665UrUsi6CiFKe3rVG7dxvKA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

  • Matt Jones at Sep 2, 2014 at 2:40 pm

    On Monday, 1 September 2014 15:50:34 UTC-4, tamouse wrote:
    From a lengthy discussion on #RubyO...@freenode.net <javascript:>, I am
    wondering about something. The *_path and *_url methods return plain String
    objects, not an ActiveSupport::SafeBuffer. If something is passed into
    (say) link_to that contains an escapable character, such as & in a query
    string, link_to will escape it.

    I haven't encountered people putting .html_safe on *_path methods before,
    so I didn't know about this. Is this something well-known? Is it expected?
    My assumption was that it would have been html_safe.

    Anyone have any thoughts on this?

    Example:
    app.glucose_readings_path(:hello => true, :goodbye=> false)
    => "/glucose_readings?goodbye=false&hello=true"
    app.glucose_readings_path(:hello => true, :goodbye=> false).class
    => String < Object
    foo.link_to "hi", app.glucose_readings_path(:hello => true, :goodbye=>
    false)
    => "<a href=\"/glucose_readings?goodbye=false&amp;hello=true\">hi</a>"
    This is the correct way to format links with & in them. Browsers tolerate
    the un-escaped version, but it's not technically valid HTML...

    --Matt Jones

    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/c622dc12-303f-4741-8d59-c821b632a01a%40googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Tamouse pontiki at Sep 4, 2014 at 3:12 am

    On Tue, Sep 2, 2014 at 9:40 AM, Matt Jones wrote:
    On Monday, 1 September 2014 15:50:34 UTC-4, tamouse wrote:

    From a lengthy discussion on #RubyO...@freenode.net, I am wondering
    about something. The *_path and *_url methods return plain String objects,
    not an ActiveSupport::SafeBuffer. If something is passed into (say) link_to
    that contains an escapable character, such as & in a query string, link_to
    will escape it.

    I haven't encountered people putting .html_safe on *_path methods before,
    so I didn't know about this. Is this something well-known? Is it expected?
    My assumption was that it would have been html_safe.

    Anyone have any thoughts on this?

    Example:
    app.glucose_readings_path(:hello => true, :goodbye=> false)
    => "/glucose_readings?goodbye=false&hello=true"
    app.glucose_readings_path(:hello => true, :goodbye=> false).class
    => String < Object
    foo.link_to "hi", app.glucose_readings_path(:hello => true,
    :goodbye=> false)
    => "<a href=\"/glucose_readings?goodbye=false&amp;hello=true\">hi</a>"
    This is the correct way to format links with & in them. Browsers tolerate
    the un-escaped version, but it's not technically valid HTML...
    You are so right! I never knew that.

    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAHUC_t9HVtF0KRFMTbvBFrhW%3Do%3DW%3D78qP-nU-%2B6rXhWwgNRdnw%40mail.gmail.com.
    For more options, visit https://groups.google.com/d/optout.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedSep 1, '14 at 7:49p
activeSep 4, '14 at 3:12a
posts3
users2
websiterubyonrails.org
irc#RubyOnRails

2 users in discussion

Tamouse pontiki: 2 posts Matt Jones: 1 post

People

Translate

site design / logo © 2022 Grokbase