This project is archived and is in readonly mode.
ERB in html/plain is HTML escaped
Reported by Jan | November 25th, 2010 @ 08:17 PM
With Rails 3, ERB blocks with unsafe strings are automagically HTML escaped. This is great when one wants to output HTML, but it just does not make sense for example in a text/plain email template, where there's no such escaping syntax (none at all, for the example of text/plain).
I think a different escaping procedure should be chosen based on the MIME type served and no automatic escaping should take place for text/plain.
My expectation would be:
my_mail.text.erb
<%= "I <3 Rails" %>
produces
I <3 Rails
my_mail.html.erb
<%= "I <3 Rails" %>
produces
I <3 Rails
My point isn't only that I don't want to use raw() in text templates, but also that automatic escaping might be great for other MIME types, but then again it would not necessarily be HTML escaping.
Comments and changes to this ticket
-
Jan November 25th, 2010 @ 08:19 PM
"html/plain" in the title should have read "text/plain". Sorry for the mistake.
-
Santiago Pastorino November 25th, 2010 @ 09:18 PM
- State changed from “new” to “duplicate”
- Importance changed from “” to “Low”
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>
Jan
Jeremy Kemper