Forum: Ruby on Rails in_place_editor on Rails 1.2.1 seems to be broken

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
1c2932a6823c667e2a4a68e1702149e3?d=identicon&s=25 Rolando Lora (Guest)
on 2007-02-03 01:51
The upgrade to the last version of rails (1.2.1) and prototype (1.5.0)
seems to introduce a bug in the "in_place_editor'.

Below a piece of code from an application that was on production:

=== VIEW ===

<%= in_place_editor(
  "salary_benefit_earnings_percentage_#{ salary_benefit.id }",
  { :size => 5,
    :url => { :action => :update_benefit,
              :attribute => "earnings_percentage",
              :old_value => salary_benefit.earnings_percentage,
              :id => salary_benefit.id } } ) %>

=== HTML SRC ===
<script type="text/javascript">
//<![CDATA[
new Ajax.InPlaceEditor('salary_deduction_earnings_percentage_37',
'/human_resources/personnel_members/update_deduction/37?attribute=earnings_percentage&amp;old_value=13.0',
{size:5})
//]]>
</script>

=== EVALUATION OF PARAMS IN THE CONTROLLER ===
params

{"amp;old_value"=>"0.0",
 "action"=>"update_deduction",
 "id"=>"43",
 "value"=>"5",
 "controller"=>"human_resources/personnel_members",
 "attribute"=>"fixed_number_of_hours"}


The URL in the html src has an & escaped, and one param has 'amp;'
prefixed to it. I tried with multiple interfaces where the
in_place_editor has a wrong behavior.

Is someone else having similar problems? Could it be a bug in the
in_place_editor or in the routing module?
F1b0c5e0a1032e096a2888b61abc53c3?d=identicon&s=25 the.janitor (Guest)
on 2007-04-04 13:46
(Received via mailing list)
I have a similar problem.
I am using in_place_editor with the ":load_text_url" option:

<div id="editme">
    <%= h file_contents %>
</div>
<%= in_place_editor 'editme',
                    :url => url_for({ :action => 'save', :path =>
file_path }),
                    :load_text_url => url_for({ :action =>
'file_contents', :path => file_path }),
%>

Before I click the div, contents of the file are rendered correctly.
But when I click the div, the in_place_editor does some escaping...

<  (Less than) is escaped and becomes &lt;
>  (Greater than) is escaped and becomes &gt;
&  (Ampersand) is escaped and becomes &amp;
"  (Double quote) is escaped and becomes &quot;

All other special characters I tested ( % @ = * ยง / \ ' and some
German specific characters...) work fine and do not get escaped.
So ERB::Util.h probably is not the reason for this behaviour.

When I hit cancel, all escapes made to the file are undone.
But when I save the form, the file now includes all those escapes.
If I edit it again, those escapes now get escaped themselves ( &lt;
becomes &amp;lt; )...

Also all slashes in the URLs for :url and :load_text_url get escaped
with %2F.
However WEBrick doesn't care and serves those URLs properly.

Is this a known bug?
This topic is locked and can not be replied to.