Module ERB::Util
In: vendor/rails/actionpack/lib/action_view/erb/util.rb

Methods

h   html_escape   j   json_escape  

Constants

HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;' }
JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }

Public Instance methods

h(s)

Alias for html_escape

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERb templates, use this method to escape any unsafe content. For example:

  <%=h @person.name %>

Example:

  puts html_escape("is a > 0 & a < 10?")
  # => is a &gt; 0 &amp; a &lt; 10?

[Source]

    # File vendor/rails/actionpack/lib/action_view/erb/util.rb, line 17
17:     def html_escape(s)
18:       s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
19:     end
j(s)

Alias for json_escape

A utility method for escaping HTML entities in JSON strings. This method is also aliased as j.

In your ERb templates, use this method to escape any HTML entities:

  <%=j @person.to_json %>

Example:

  puts json_escape("is a > 0 & a < 10?")
  # => is a \u003E 0 \u0026 a \u003C 10?

[Source]

    # File vendor/rails/actionpack/lib/action_view/erb/util.rb, line 36
36:     def json_escape(s)
37:       s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
38:     end

[Validate]