Hi ! 2006/2/12, Tobias Luetke <[EMAIL PROTECTED]>: > huh? that would break url_for, link_to, textilize, markdown and every > single other helper which outputs html tags. I use the h helper in > like 3 different places in shopify, thats definitely the exception.
Am I reading this right ? 3 places ? I use it on every list screen I have. I don't trust the admin interfaces anymore than I would trust a public comments form. So, I even HTML escape product names and codes. Could you explain which places you do and don't use HTML escape ? Maybe I'm too paranoid ? Thanks ! -- François Beausoleil http://blog.teksol.info/
_______________________________________________ Rails-core mailing list [email protected] http://lists.rubyonrails.org/mailman/listinfo/rails-core
