Rails html encoding

Question

I am using h helper method in Rails to encode/escape a string that has an apostrophe (') In my view I am using it like this

<%=h "Mike's computer" %>

My understanding is that the html when viewing the source should be Mike%27s computer but the html produced has an apostrophe in it, Mike's computer

Am I missing something obvious?

How do I get my desired result of Mike%27s computer?

Help is always appreciated.

Answer 1

If you want to encode a URL, use u helper:

>> fer@:~/$ script/console
Loading development environment (Rails 2.3.8)
>> include ERB::Util
=> Object
>> h "Mike's computer"
=> "Mike's computer"
>> u "Mike's computer"
=> "Mike%27s%20computer"
>> 

Answer 2

If we look at the source code of the h method (it is an alias for html_escape), it is not that hard to just open the file and add the single quote (') to the HTML_ESCAPE constant in the file.

Below is the source code of the method with the location of the method in the file. Find the constant and and the quote in. You can even add more things inside as you want it.

HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;' }

File actionpack/lib/action_view/template_handlers/erb.rb, line 17
17:     def html_escape(s)
18:       s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
19:     end

CAVEAT: This modification will affect all projects that uses the library.

OR an alternative will be to create a view helper method say in ApplicationHelper

def h_with_quote(s)
  HTML_ESCAPE = { "'" => "%27"}
  h(s).gsub(/[']/) {|special| HTML_ESCAPE[special]}
end

That approach should be safer.

Answer 3

An apostrophe is a valid character in HTML. It is not encoded because it is not needed to be encoded.