[Rails-core] Default <%= to use the h (html safe) method.
Tobias Luetke
tobias.luetke at gmail.com
Sun Feb 12 05:04:01 GMT 2006
huh? that would break url_for, link_to, textilize, markdown and every
single other helper which outputs html tags. I use the h helper in
like 3 different places in shopify, thats definitely the exception.
> On that note, I came up with the idea of having <%= default to use the XSS
> safe (or soon to be) h method.
--
Tobi
http://shopify.com - modern e-commerce software
http://typo.leetsoft.com - Open source weblog engine
http://blog.leetsoft.com - Technical weblog
More information about the Rails-core
mailing list