Can somebody update me on the state of html_safe strings in rails 2.3.8?
I know rails 2.3.6 and 2.3.7 broke a lot of code because strings were
being escaped when they shouldn’t have been and I thought this was all
fixed in 2.3.8.
I’m upgrading an app from 2.3.5 to 2.3.8 and there are many spots where
previous code was output correctly and now it expects html_safe method
calls to properly escape the strings. Are those who don’t want to use
the new escaping behaviour in the 2.3.x branch expected to stick with
2.3.5 from now on moving forward?