This project is archived and is in readonly mode.

#6067 ✓duplicate

ERB in html/plain is HTML escaped

Reported by Jan | November 25th, 2010 @ 08:17 PM

With Rails 3, ERB blocks with unsafe strings are automagically HTML escaped. This is great when one wants to output HTML, but it just does not make sense for example in a text/plain email template, where there's no such escaping syntax (none at all, for the example of text/plain).

I think a different escaping procedure should be chosen based on the MIME type served and no automatic escaping should take place for text/plain.

My expectation would be:


<%= "I <3 Rails" %>


I <3 Rails


<%= "I <3 Rails" %>


I &lt;3 Rails

My point isn't only that I don't want to use raw() in text templates, but also that automatic escaping might be great for other MIME types, but then again it would not necessarily be HTML escaping.

Comments and changes to this ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href=""></a>