H() aka. html_escape in controller code?


In controller code I’m doing things like:

flash[:success] = “Customer {#@customer.name} has been deleted.”

I know how to escape html in views by using the h() method. How can I
the same thing here in the controller?


I don’t think you would do it there – instead, add
“h(flash[:success])” to your view. (Keep the presentation separate.)

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs