How to HTML encode/escape a string? Is there a built-in?

ghz 1years ago ⋅ 2424 views

Question

I have an untrusted string that I want to show as text in an HTML page. I need to escape the chars '<' and '&' as HTML entities. The less fuss the better.

I'm using UTF8 and don't need other entities for accented letters.

Is there a built-in function in Ruby or Rails, or should I roll my own?

Answer

The h helper method:

<%=h "<p> will be preserved" %>

#ruby

ghz
- 8738Posts
- 0Comments
Favorites 0

Hot

1. Switch between two frames in tkinter?
2. []byte(string) vs []byte(*string)
3. Generating CSV file for Excel, how to have a newline inside a value
4. Kubernetes Service cluster IP, how is this internally load balanced across different nodes
5. PHP Startup Unable to load dynamic library php_mongo.dll
6. Make absolute positioned div expand parent div height

Latest

1. Python/Kivy: How to create recipes for bs4 module and it's depen
2. Fast way of finding the longest substring using only regex
3. How Session.run() chooses which sub-graph to run
4. Targeting specific values from JSON API and inserting into Postg
5. How to convert txt to excel file
6. Dh Key Too Small (Python FTP) on Whonix