Forum: Ruby on Rails Displaying HTML code in view

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Charanya N. (Guest)
on 2009-03-30 09:20
Hi,

In my application i have the facility for the users to upload the file
which has code ...
And when i want to view the contents of the file uploaded in my view,in
case if the uploaded file is an html file then i am not able to display
the exact code...Instead the html content in that code gets executed.

if i have uploaded example.html
<html>
<head>
 <title>sample</title>
</head>
<body>
<H1> Hello World </H1>
</body></html>

I want to display each line of this file in my view.But in my view when
i use
<% myfile= File.open(example.html)%>
<ul>
<% myfile.each do |line| %>
   <li> <%= line %></li>
<% end%>
</ul>
 the lines of the html file is getting executed and just HelloWorld is
displayed without the entire code getting displayed.

Can anybody help me on this?
Fernando P. (Guest)
on 2009-03-30 09:33
> And when i want to view the contents of the file uploaded in my view,in
> case if the uploaded file is an html file then i am not able to display
> the exact code...Instead the html content in that code gets executed.

I hope you try to filter the html code that people are injecting in your
page. If not then you will be awarded the "the most stupid feature of
the year" prize.
Siddick E. (Guest)
on 2009-03-30 09:42
> <% myfile.each do |line| %>
>    <li> <%= line %></li>

Solution :-
<li> <%=h line %> >/li>

> <% end%>
> </ul>
Siddick E. (Guest)
on 2009-03-30 09:44
Siddick E. wrote:

> <% myfile.each do |line| %>
>    <li> <%= line %></li>

Solution :-
<li> <%=h line %> </li>

> <% end%>
> </ul>
Charanya N. (Guest)
on 2009-03-30 10:45
Siddick E. wrote:
>
>> <% myfile.each do |line| %>
>>    <li> <%= line %></li>
>
> Solution :-
> <li> <%=h line %> >/li>
>
>> <% end%>
>> </ul>

Thank You...It worked..
This topic is locked and can not be replied to.