Convert html entities? Just use html_safe?

Hi!

I’m importing lots of products via XML. Some characters like the swedish
,
, are encoded as å for instance. When I print it I just append
.html_safe to make it appear correct.

Is this a good and safe approach or should I convert the characters in
some
other way?

It depends.

If the strings are entered by the user you should stay away from using
html_safe because you open your application to html injection attacks.

If the strings come from a trusted source, it is OK to use html_safe.

On Dec 18, 5:50pm, Linus P. [email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs