>> >> what about writing <%= h(@foo) %> in the view? I heard it's necessary >> for every information out of the database, I just couldn't find any >> information 'bout that? >> You can also use <%= sanitize @foo %> that will allow only a few unhamrful html tags that you choose.
-- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
