Module: ERB::Util

Included in:
ActionView::Base, ActionView::Helpers::FormOptionsHelper, ActionView::Helpers::TagHelper
Defined in:
lib/action_view/template_handlers/erb.rb

Constant Summary collapse

HTML_ESCAPE =
{ '&' => '&amp;',  '>' => '&gt;',   '<' => '&lt;', '"' => '&quot;' }
JSON_ESCAPE =
{ '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.jObject

A utility method for escaping HTML entities in JSON strings. This method is also aliased as j.

In your ERb templates, use this method to escape any HTML entities:

<%=j @person.to_json %>

Example:

puts json_escape("is a > 0 & a < 10?")
# => is a \u003E 0 \u0026 a \u003C 10?

34
35
36
# File 'lib/action_view/template_handlers/erb.rb', line 34

def json_escape(s)
  s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
end

.json_escape(s) ⇒ Object

A utility method for escaping HTML entities in JSON strings. This method is also aliased as j.

In your ERb templates, use this method to escape any HTML entities:

<%=j @person.to_json %>

Example:

puts json_escape("is a > 0 & a < 10?")
# => is a \u003E 0 \u0026 a \u003C 10?

30
31
32
# File 'lib/action_view/template_handlers/erb.rb', line 30

def json_escape(s)
  s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
end

Instance Method Details

#html_escape(s) ⇒ Object

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERb templates, use this method to escape any unsafe content. For example:

<%=h @person.name %>

Example:

puts html_escape("is a > 0 & a < 10?")
# => is a &gt; 0 &amp; a &lt; 10?

17
18
19
# File 'lib/action_view/template_handlers/erb.rb', line 17

def html_escape(s)
  s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
end