Reputation: 5430
html_safe is not working in ruby on rails
I am using ckeditor to save posts content. If I save anything in my db then it saves content with html tags. To escape html i am using <%= raw(posts.content) %> function. I am using Speak.js for adding functionality to listen posts content also. Here i am doing like this ...
<script src="speakClient.js"></script>
<img src="img/listenpost.png" alt="Listen Post" onclick="speak('<%= posts_item.content.html_safe %>')" style="cursor:pointer;" />
but here it speaks content with html tags. I tried to do like this also
speak('<%== posts_item.content %>') or speak('<%= raw posts_item.content %>')
But nothing works for me. How can I escape html tags so that my posts audible without HTML tags
Upvotes: 0
Views: 957
Answers (2)
Reputation: 5929
You should escape also inside javascript. Using escape_javascript helper
speak('<%=j posts_item.content.html_safe %>')
Upvotes: 2
Reputation:
You state that you have tried speak('<%= raw posts_item.content %>'). The correct use of the raw helper method in this case would be <%= raw(posts_item.content) %> (note that posts_item.content is inside parentheses
Upvotes: 0
Related Questions
- Rails: html_safe not safe?
- html_safe is not working in rails to javascript
- How to use html_safe in a secure manner?
- Behaviour on html_safe? in Rails 3.2.1
- html_safe in ruby on rails not working
- Rails 4 raw html_safe not working
- Why should I be careful with html_safe?
- rails 3 html_safe confusion
- Turn on html_safe for the entire app in Rails 3
- How make this function html_safe?