Module: ActionView::Helpers::OutputSafetyHelper
Relationships & Source Files | |
Extension / Inclusion / Inheritance Descendants | |
Included In:
ActionDispatch::DebugView,
::ActionView::Base ,
::ActionView::Helpers ,
AssetTagHelper ,
ActionView::Helpers::DateTimeSelector,
DebugHelper ,
FormHelper ,
FormOptionsHelper ,
FormTagHelper ,
TagHelper ,
ActionView::Helpers::TagHelper::TagBuilder,
ActionView::Helpers::Tags::Base,
ActionView::Helpers::Tags::CheckBox,
ActionView::Helpers::Tags::CollectionCheckBoxes,
ActionView::Helpers::Tags::CollectionRadioButtons,
ActionView::Helpers::Tags::CollectionSelect,
ActionView::Helpers::Tags::ColorField,
ActionView::Helpers::Tags::DateField,
ActionView::Helpers::Tags::DateSelect,
ActionView::Helpers::Tags::DatetimeField,
ActionView::Helpers::Tags::DatetimeLocalField,
ActionView::Helpers::Tags::DatetimeSelect,
ActionView::Helpers::Tags::EmailField,
ActionView::Helpers::Tags::FileField,
ActionView::Helpers::Tags::GroupedCollectionSelect,
ActionView::Helpers::Tags::HiddenField,
ActionView::Helpers::Tags::Label,
ActionView::Helpers::Tags::MonthField,
ActionView::Helpers::Tags::NumberField,
ActionView::Helpers::Tags::PasswordField,
ActionView::Helpers::Tags::RadioButton,
ActionView::Helpers::Tags::RangeField,
ActionView::Helpers::Tags::SearchField,
ActionView::Helpers::Tags::Select,
ActionView::Helpers::Tags::TelField,
ActionView::Helpers::Tags::TextArea,
ActionView::Helpers::Tags::TextField,
ActionView::Helpers::Tags::TimeField,
ActionView::Helpers::Tags::TimeSelect,
ActionView::Helpers::Tags::TimeZoneSelect,
ActionView::Helpers::Tags::UrlField,
ActionView::Helpers::Tags::WeekField,
ActionView::Helpers::Tags::WeekdaySelect,
TextHelper ,
TranslationHelper ,
UrlHelper ,
::ActionView::TestCase ,
::ActionView::TestCase::Behavior
| |
Defined in: | actionview/lib/action_view/helpers/output_safety_helper.rb |
Overview
Action View Raw Output Helpers
Instance Method Summary
-
#raw(stringish)
This method outputs without escaping a string.
-
#safe_join(array, sep = $,)
This method returns an HTML safe string similar to what
Array#join
would return. -
#to_sentence(array, options = {})
Converts the array to a comma-separated sentence where the last element is joined by the connector word.
Instance Method Details
#raw(stringish)
This method outputs without escaping a string. Since escaping tags is now default, this can be used when you don’t want Rails to automatically escape tags. This is not recommended if the data is coming from the user’s input.
For example:
raw @user.name
# => 'Jimmy <alert>Tables</alert>'
# File 'actionview/lib/action_view/helpers/output_safety_helper.rb', line 18
def raw(stringish) stringish.to_s.html_safe end
#safe_join(array, sep = $,)
This method returns an HTML safe string similar to what Array#join
would return. The array is flattened, and all items, including the supplied separator, are HTML escaped unless they are HTML safe, and the returned string is marked as HTML safe.
safe_join([raw("<p>foo</p>"), "<p>bar</p>"], "<br />")
# => "<p>foo</p><br /><p>bar</p>"
safe_join([raw("<p>foo</p>"), raw("<p>bar</p>")], raw("<br />"))
# => "<p>foo</p><br /><p>bar</p>"
# File 'actionview/lib/action_view/helpers/output_safety_helper.rb', line 33
def safe_join(array, sep = $,) sep = ERB::Util.unwrapped_html_escape(sep) array.flatten.map! { |i| ERB::Util.unwrapped_html_escape(i) }.join(sep).html_safe end
#to_sentence(array, options = {})
Converts the array to a comma-separated sentence where the last element is joined by the connector word. This is the html_safe-aware version of ActiveSupport’s {Array#to_sentence}.
# File 'actionview/lib/action_view/helpers/output_safety_helper.rb', line 43
def to_sentence(array, = {}) .assert_valid_keys(:words_connector, :two_words_connector, :last_word_connector, :locale) default_connectors = { words_connector: ", ", two_words_connector: " and ", last_word_connector: ", and " } if defined?(I18n) i18n_connectors = I18n.translate(:'support.array', locale: [:locale], default: {}) default_connectors.merge!(i18n_connectors) end = default_connectors.merge!( ) case array.length when 0 "".html_safe when 1 ERB::Util.html_escape(array[0]) when 2 safe_join([array[0], array[1]], [:two_words_connector]) else safe_join([safe_join(array[0...-1], [:words_connector]), [:last_word_connector], array[-1]], nil) end end