On Wed, Dec 2, 2009 at 11:19 AM, Mislav Marohnić <[email protected]> wrote: > A will_paginate user opened a issue in my tracker saying that he wants to > use will_paginate in a Rails 2.3.5 app using the rails_xss plugin. > Evidently, HTML output from will_paginate view helpers (`page_entries_info` > specifically) isn't marked "safe", so rails_xss escapes the HTML which is > clearly unwanted behavior. > I tried conditionally marking these view helpers safe with the `safe_helper` > method rails_xss provides on Module, but this can't work because > will_paginate gem is loaded before rails_xss plugin (gems are loaded before > plugins) and `safe_helper` is not available at that time. > Also, because plugins are loaded in alphabetical order, most plugins will > load before rails_xss. These plugins will also be unable to use > `safe_helper` or `html_safe!` methods unless the user changes plugin order > in his environment.rb. > What is the preferred way to approach this? Thanks
The rails_xss plugin would need to be restructured a bit to make it easier to explicitly require and initialize. Otherwise users have to explicitly config.plugins = [:rails_xss, :will_paginate, ...] jeremy -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
