Reputation: 3119
Disable HTML escaping in erb templates
In a Rails 3 application I have a domain class where one attribute stores pure HTML content (it's a blog app, the domain class is Post).
In the ERB templates, I need to display the content of the attribute as it was formmated, with the HTML tags in place. But, Rails is escaping all HTML tags! How can I disable this behaviour for this class attribute?
Example:
somePost = Post.new
somePost.content = "<strong> Hi, i'm here! </strong>"
In the erb template:
<%= somePost.content %>
The HTML generated is escaped:
<strong> Hi, i'm here! </strong>
Upvotes: 41
Views: 38677
Answers (3)
Reputation: 25029
Try using raw(somePost.content). Alternatively, somePost.content.html_safe.
Upvotes: 62
Reputation: 5541
Using a double equals means the result is not escaped...
<%== somePost.content %>
See this SO question about it - What does <%== %> do in rails erb?
Upvotes: 37
Reputation: 70819
Use raw(string), as described in the release notes.
7.4.3 Other Changes
You no longer need to call h(string) to escape HTML output, it is on by default in all view templates. If you want the unescaped string, call raw(string).
Basically, where you did
<%=h @model.attr %>
before you can now use
<%= @model.attr %>
and where you did that before you can now use
<%=raw @model.attr %>
Upvotes: 61
Related Questions
- Rails is escaping erb lines in a view using .html_safe
- How to escape all HTML in a block in Rails ERB view
- Escaping special characters in rails .erb file
- How to escape erb tags for a template in rails view file?
- Don't escape html in ruby on rails
- Html escaping in a Rails 3 view
- HTML is not escaped in an ERB tag
- How to make html code in erb tag not escaped
- Rails 3: how to reverse ERB "<%=" default behaviour so I can inject HTML?
- Rails: html_escape isn't working