I recently had a problem to escape value returned by a yield in a template.
In my layout, i yield the meta description so that i can define it from my template
<meta name="description" content="<%= yield :html_description %>" />
And here is my template, that unfortunatly, does not escape the value as expected:
<% content_for :html_description, 'hello "you" guy' %>
<meta name="description" content="hello "you" guy" />
I tried to escape it with the h() escaper, but it doesnt work:
<meta name="description" content="<%= h(yield :html_description) %>" />
<meta name="description" content="hello "you" guy" />
I also tried with escape_once(), but it does too much:
<meta name="description" content="<%= escape_once(yield :html_description) %>" />
<meta name="description" content="hello &quot;you&quot; guy" />
However, by concatenating the returned value with a string, it fixes the problem:
<meta name="description" content="<%= '' + (yield :html_description) %>" />
<meta name="description" content="hello "you" guy" />
Does anyone understand this behaviour?
Do you have a better solution than this concatenation that fix it by coincidence?
I'm using Rails 2.3.8 - Thanks!