0

I'm trying to create a Ruby gem that returns html mark up like so:

class Hola
    def self.hi(name = "world")
        "hello #{name}"
    end

    def self.hi_with_markup(name = "world")
        "<strong>hello #{name}</strong>"
    end
end

However, whenever I try to use it in a test.html.erb file like so:

<%= Hola.hi_with_markup(", please work!") %>

It returns the string with the tags printed instead of actually rendering the html. How can I fix this from the gem side?

Thanks!

franksama
  • 163
  • 1
  • 6

2 Answers2

2

In Rails 3 the default changed from "not" escaping HTML to escaping HTML (i.e. converting things like '>' to &gt;) for any String deemed to be unsafe; which is generally any string that has the potential to have user characters, including the output of your gem. There are two ways around this raw() and .html_safe.

Here's a comprehensive answer: raw vs. html_safe vs. h to unescape html

The short answer is to do this:

<%= Hola.hi_with_markup(", please work!").html_safe %>

or

<%= raw(Hola.hi_with_markup(", please work!")) %>
Community
  • 1
  • 1
GSP
  • 3,763
  • 3
  • 32
  • 54
  • i see, if that's the case then there doesn't seem to be any way around it. do you know if there's a way to return output from an html file instead of hardcoding the html markup in rb file. – franksama Jan 16 '13 at 18:10
  • Actually, there may be one way around it: You'd have to work with the ActiveSupport::SafeBuffer directly. According to this article, http://yehudakatz.com/2010/02/01/safebuffers-and-rails-3-0/ that is the actual object that you're working with in a ERB template. So you could have your gem work with SafeBuffers instead of Strings and then ensure that the "safe" flag was set before returning. – GSP Jan 16 '13 at 18:18
  • As far as working with files, do you want your gem to return the contents of a file? Or do you want to load and display a file in Rails? Or am I missing the use case entirely? – GSP Jan 16 '13 at 18:20
  • so ideally i'd like to have a partial inside the gem that can be customized based on what parameters are passed to it from a rails project. so like in the question above, the "hello #{name}" would be in a _partial.html and a call to Hola.hi_with_markup("bob") would return the contents of the partial with "bob". Make sense? Not sure if this is possible with a gem or if I should be using a plugin. – franksama Jan 16 '13 at 19:02
  • It makes sense. I often call my partials from a helper simply because I find that it looks cleaner, IMHO. So it sounds like you're trying to do the same thing except in a way that is share-able. Is it definitely something you need to share across multiple Rails projects? If so, I'd try experimenting with the ActiveSupport::SafeBuffer directly. – GSP Jan 16 '13 at 19:32
1

Try this:

class Hola
    def self.hi(name = "world")
        "hello #{name}"
    end

    def self.hi_with_markup(name = "world")
        "<strong>hello #{name}</strong>".to_html
    end
end
Justin Chmura
  • 430
  • 1
  • 4
  • 11