Say I have a hidden field inside a form which tells me which quote
character some file uses. The details are irrelevant, but I need to have
a
string value that could have a double quote. Assume we have a variable
None of these give well-formed HTML that was interpreted correctly by
the
browser. The only one that seemed to work was
<input type=‘hidden’ name=‘quote_char’ value=<%=
html_escape(@quote_char).inspect %> >
which gave
So what exectly is the correct way to handle strings possibly containing
quotes in views. Obviously the string may or may not contain said quotes
every time the view is generated so there should be a general way to
handle
this with some helper function, etc.
So what exectly is the correct way to handle strings possibly containing
quotes in views. Obviously the string may or may not contain said quotes
every time the view is generated so there should be a general way to handle
this with some helper function, etc.
Going into the Rails console, perhaps you can see what is happening:
(the next line loads up the ERB utilities, including html_escape)
1.9.3p194 :002 > include ERB::Util
=> Object
(Just calling the function is like html_escape(qc).inspect)
1.9.3p194 :003 > html_escape(qc)
=> “"”
(To be more like what is happening in your erb file, let’s print it)
1.9.3p194 :005 > puts html_escape(qc)
"
=> nil
So seeing that, it’s probably obvious why your call with .inspect
worked – it emitted the double quote marks around the content, which
is one of the things .inspect does.
But to just put it into the erb file embedded in html, all you should
need to do is:
How should we approach the problem is the tab character is to be included in
the string. For example,
<% c = ‘\t’ %>
just shows the tab as a space.
The tab char (\t) is not converted by html_escapes() as far as I know;
if you want to make it an HTML-ish entity, you’re probably going to
have to encode that yourself (it’s � , btw). Even so, I’m not
sure what the value of that would be, as it doesn’t actually seem to
fill up any space in an input text box.
Also, shouldn’t Rails helper tags use single quotes since they work in both
cases:
<% c1 = “'” %>
<input type=‘hidden’, name=‘char1’ value=‘<%= html_escape(c1) %>’>
In both cases, the characters c1 and c2 are being converted to HTML
entities, ' and " respectively, and no longer contain and
sort of “quoteness” (if you’ll permit) in the HTML context they get
rendered in.
I’m not about to say anything regarding which quoting should be
policy; in fact I’ll argue strenuously against any such policy.
How should we approach the problem is the tab character is to be
included
in the string. For example,
<% c = ‘\t’ %>
just shows the tab as a space.
Also, shouldn’t Rails helper tags use single quotes since they work in
both
cases:
<% c1 = “’” %>
<input type=‘hidden’, name=‘char1’ value=’<%= html_escape(c1) %>’>