If you’re using js views and partial html replacements, Rails 3.0.8
was totally broken. Right after the 3.0.8 release, 3.0.9rc1 was
released which partially addresses the problem. But, after upgrading,
you have to wrap every escape_javascript call with raw() if you want
your javascript to replace HTML. This was absolutely _not_ the case
with 3.0.7.
So, escape_javascript('<img src="lolcat.jpg" />') becomes
raw(escape_javascript('<img src="lolcat.jpg" />')).
On Jun 8, 5:18 pm, Prem Sichanugrist <[email protected]> wrote:
> Let me check. There wasn't really anybody tainted to the function or making
> it not html_safe, except just changing regular expression term.
>
> Mind open an issue?
>
> On Jun 8, 2011, at 8:15 PM, Jesse Cooke wrote:
>
>
>
>
>
>
>
> > escape_javascript still doesn't work like it has in previous versions.
> > You can see how it's expected to work & what it outputs
> > here:http://twitpic.com/58vm5j
> > The code is here:http://bit.ly/leww2A
>
> > An upgrade to Haml 3.1.2 was also necessary for the new SafeBuffer changes.
>
> > Jesse
>
> > --------------------------------------------
> > Jesse Cooke :: N-tier Engineer
> > jc00ke.com / @jc00ke
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Ruby on Rails: Core" group.
> > To view this discussion on the web
> > visithttps://groups.google.com/d/msg/rubyonrails-core/-/MXaDmZkGUR4J.
> > To post to this group, send email to [email protected].
> > To unsubscribe from this group, send email to
> > [email protected].
> > For more options, visit this group
> > athttp://groups.google.com/group/rubyonrails-core?hl=en.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Core" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-core?hl=en.
