Forum: Ruby on Rails What does 'h' do?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- and Ruby-related community platforms.
Mark D. (Guest)
on 2005-12-30 01:04
I'm sure a real newbie question, but try searching for 'h' in any search
engine and you don't get far.

I am wondering what the h does in Ruby as in the code below:

<%= h(truncate(product.description, 80)) %>
Wilson B. (Guest)
on 2005-12-30 01:20
(Received via mailing list)
On 12/29/05, Mark D. <removed_email_address@domain.invalid> wrote:
> I'm sure a real newbie question, but try searching for 'h' in any search
> engine and you don't get far.
>
> I am wondering what the h does in Ruby as in the code below:
>
> <%= h(truncate(product.description, 80)) %>
>
h() is shorthand for 'html_escape', which makes sure the content is
safe for display on an HTML page.

For example, if your controller had some code in it like:
@example = "<br /><br /><br />"

<%= @example %> in a view would put three breaks in a row, when what
you probably wanted was to display the actual text.

<%= h(@example) %> converts those brackets into HTML entities that
will show up properly.

In general, it's a good idea to use it whenever you don't have total
control over the content, because it will prevent your pages from
melting.
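
The behaviour described in the answer above, as an added example that is not part of the original thread. It renders the same view line with and without h(), and shows why h() wraps truncate() rather than the other way round. The Product struct, the View class and this truncate are simplified stand-ins for the Rails model and helper, and the description string is constructed sample data.

```ruby
require "erb"

# Constructed stand-in for the Rails model in the question (assumption).
Product = Struct.new(:description)

class View
  include ERB::Util # provides html_escape and its alias h

  def initialize(product)
    @product = product
  end

  # Simplified stand-in for the Rails truncate helper (assumption).
  def truncate(text, length)
    text.length > length ? text[0, length - 3] + "..." : text
  end

  def render(template)
    ERB.new(template).result(binding)
  end
end

# Unescaped: markup in the data is sent to the browser as markup.
RAW = "<%= truncate(@product.description, 18) %>"
# The pattern from the question: truncate first, escape last.
ESCAPED = "<%= h(truncate(@product.description, 18)) %>"
# Escaping first and truncating second can cut an entity in half.
WRONG_ORDER = "<%= truncate(h(@product.description), 18) %>"

def demo
  view = View.new(Product.new("<br /><b>Tea & biscuits</b>"))
  {
    raw: view.render(RAW),
    escaped: view.render(ESCAPED),
    wrong_order: view.render(WRONG_ORDER)
  }
end

demo.each { |name, html| puts "#{name}: #{html}" } if __FILE__ == $0
```

Escaping as the last step before output keeps the length limit counting visible characters and keeps every entity whole.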
Jeremy M. (Guest)
on 2005-12-30 01:23
Alias for html_escape(). Docs for ERb are here:

http://www.ruby-doc.org/stdlib/libdoc/erb/rdoc/cla...
Mark D. (Guest)
on 2005-12-30 01:25
Jeremy M. wrote:
> Alias for html_escape(). Docs for ERb are here:
>
> http://www.ruby-doc.org/stdlib/libdoc/erb/rdoc/cla...

Thanks for the response and the resource (in the process of learning...)

I figured it was something like that, I just wanted to be sure.