2.3.8 v. 3.1.1 text escaping

In a view I emit a 12 character string “abc
def”.

In 2.3.8 “abc
def” is rendered.

In 3.1.1 “abc<br />def” is rendered.

The 2.3.8 behavior is what I want. How do I get it?

Ralph S.

I’m answering my own question.

This is an issue with HAML. The relevant statement comes from
http://haml-lang.com/docs/yardoc/file.HAML_REFERENCE.html


Haml supports Rails’ XSS protection scheme, which was introduced in
Rails 2.3.5+ and is enabled by default in 3.0.0+. If it’s enabled,
Haml’s :escape_html option is set to true by default - like in ERB, all
strings printed to a Haml template are escaped by default. Also like
ERB, strings marked as HTML safe are not escaped. Haml also has its own
syntax for printing a raw string to the template.


In the document cited above, there are hyperlinks to how to turn escapin
on and off.

Bascially, the leading = in a HAML statement needs to be cahntged to a
!= in order to turn off escaping.

Just another gotcha in the struggle to upgrade from 2.3.8 to 3.1.1.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs