The upgrade to the last version of rails (1.2.1) and prototype (1.5.0)
seems to introduce a bug in the "in_place_editor’.
Below a piece of code from an application that was on production:
=== VIEW ===
<%= in_place_editor(
“salary_benefit_earnings_percentage_#{ salary_benefit.id }”,
{ :size => 5,
:url => { :action => :update_benefit,
:attribute => “earnings_percentage”,
:old_value => salary_benefit.earnings_percentage,
:id => salary_benefit.id } } ) %>
=== HTML SRC ===
=== EVALUATION OF PARAMS IN THE CONTROLLER ===
params
{“amp;old_value”=>“0.0”,
“action”=>“update_deduction”,
“id”=>“43”,
“value”=>“5”,
“controller”=>“human_resources/personnel_members”,
“attribute”=>“fixed_number_of_hours”}
The URL in the html src has an & escaped, and one param has ‘amp;’
prefixed to it. I tried with multiple interfaces where the
in_place_editor has a wrong behavior.
Is someone else having similar problems? Could it be a bug in the
in_place_editor or in the routing module?
I have a similar problem.
I am using in_place_editor with the “:load_text_url” option:
<%= h file_contents %>
<%= in_place_editor 'editme',
:url => url_for({ :action => 'save', :path =>
file_path }),
:load_text_url => url_for({ :action =>
'file_contents', :path => file_path }),
%>
Before I click the div, contents of the file are rendered correctly.
But when I click the div, the in_place_editor does some escaping…
< (Less than) is escaped and becomes <
(Greater than) is escaped and becomes >
& (Ampersand) is escaped and becomes &
" (Double quote) is escaped and becomes "
All other special characters I tested ( % @ = * § / \ ’ and some
German specific characters…) work fine and do not get escaped.
So ERB::Util.h probably is not the reason for this behaviour.
When I hit cancel, all escapes made to the file are undone.
But when I save the form, the file now includes all those escapes.
If I edit it again, those escapes now get escaped themselves ( <
becomes < )…
Also all slashes in the URLs for :url and :load_text_url get escaped
with %2F.
However WEBrick doesn’t care and serves those URLs properly.
Is this a known bug?