HTML escaping

**unknown888** · 18-03-2009, 19:24

I am closing in on final bits of my railslist project a craigslist style open source classifieds. Reviewing final checks to be done before it is released to the community. One thing stuck me was HTML escaping. Although I can escape each input separately, i am interested to have some thing that would accept an object and escape all its attributes.

any ideas?

**Rock** · 18-03-2009, 23:46

Originally Posted by unknown888

I am closing in on final bits of my railslist project a craigslist style open source classifieds. Reviewing final checks to be done before it is released to the community. One thing stuck me was HTML escaping. Although I can escape each input separately, i am interested to have some thing that would accept an object and escape all its attributes.

any ideas?

I'm not much good into RoR, but I've done some research & come across these links:

1) escapeHTML (CGI)
2) html_escape (RSS::Utils)
3) html_escape (ERB::Util)

Hope they are useful..

**unknown888** · 19-03-2009, 17:23

thank you Rock.

**Rock** · 20-03-2009, 00:34

You are welcome..

**spawncamper** · 10-11-2010, 00:42

Sorry to dredge up an old post but if anyone is reading this all strings are now html escaped in rails3

Thread: HTML escaping

Thread Tools

Display

HTML escaping

Thread Information

Users Browsing this Thread

Posting Permissions