On Wednesday, February 15, 2006, at 2:50 PM, Tom Ward wrote: >This is a bad idea. It assumes data from ActiveRecord models only >ever displayed on the web. This ignores email templates, logging, etc >from within web apps, not to mention applications using ActiveRecord >outside the web.
The idea of the plugin would be to make it easy to turn off the behavior if you found it necessary to do so. In my view, if escaping the text by default causes problems then you at least have to think about turning it off. Besides, sneaky code can be a problem in places other than rendered html. Such a system where you have to manually opt out of the control is better because it guards against mistakes. Sure, a good programmer shouldn't need such a system, but mistakes will be made. I would rather have the mistake cause an obvious failure than go silently undetected. _Kevin -- Posted with http://DevLists.com. Sign up and save your time! _______________________________________________ Rails-core mailing list [email protected] http://lists.rubyonrails.org/mailman/listinfo/rails-core
