How to escape value returned by a yield

Question

How to escape value returned by a yield

I recently had a problem to escape value returned by a yield in a template.

In my layout, i yield the meta description so that i can define it from my template

<meta name="description" content="<%= yield :html_description %>" />

And here is my template, that unfortunatly, does not escape the value as expected:

<% content_for :html_description, 'hello "you" guy' %>
<meta name="description" content="hello "you" guy" />

I tried to escape it with the h() escaper, but it doesnt work:

<meta name="description" content="<%= h(yield :html_description) %>" />
<meta name="description" content="hello "you" guy" />

I also tried with escape_once(), but it does too much:

<meta name="description" content="<%= escape_once(yield :html_description) %>" />
<meta name="description" content="hello &amp;quot;you&amp;quot; guy" />

However, by concatenating the returned value with a string, it fixes the problem:

<meta name="description" content="<%= '' + (yield :html_description) %>" />
<meta name="description" content="hello &quot;you&quot; guy" />

Does anyone understand this behaviour?

Do you have a better solution than this concatenation that fix it by coincidence?

I'm using Rails 2.3.8 - Thanks!

6

ruby-on-rails escaping yield html

задан Guillaume 5 November 2010 в 08:11

0 ответов

Другие вопросы по тегам:

ruby-on-rails escaping yield html

How to escape value returned by a yield

0 ответов

Похожие вопросы: