Can someone fill me in on the rationale for using escape_once over
html_escape for the text_field helper?
To me, if I have “& >” stored in my DB, it makes sense that that is
the value that should be displayed in a text_field. To do this, it
should be escaped to give:
<input … value="& >" />
Current behaviour is:
<input … value="& >" />
Relevant code is in actionpack/lib/action_view/helpers/tag_helper.rb
A test to add to actionpack/test/template/form_tag_helper_test.rb
(currently fails)
def test_text_field_with_html_entities_in_value
@post.title = “& >”
assert_dom_equal(
‘’, text_field(“post”, “title”)
)
end
Cheers,
Xavier