2.3.8 v. 3.1.1 text escaping

In a view I emit a 12 character string “abc
def”.

In 2.3.8 “abc
def” is rendered.

In 3.1.1 “abc<br />def” is rendered.

The 2.3.8 behavior is what I want. How do I get it?

Ralph S.

I’m answering my own question.

This is an issue with HAML. The relevant statement comes from
http://haml-lang.com/docs/yardoc/file.HAML_REFERENCE.html


Haml supports Rails’ XSS protection scheme, which was introduced in
Rails 2.3.5+ and is enabled by default in 3.0.0+. If it’s enabled,
Haml’s :escape_html option is set to true by default - like in ERB, all
strings printed to a Haml template are escaped by default. Also like
ERB, strings marked as HTML safe are not escaped. Haml also has its own
syntax for printing a raw string to the template.


In the document cited above, there are hyperlinks to how to turn escapin
on and off.

Bascially, the leading = in a HAML statement needs to be cahntged to a
!= in order to turn off escaping.

Just another gotcha in the struggle to upgrade from 2.3.8 to 3.1.1.