How to escape double quotes in HTML attribute value in Ruby?

Question

Does ruby have some function to escape escaped quotes? like

name = "some \"thing\""
"<meta property=\"og:title\" content=\"#{name}\" />"

as

"<meta property=\"og:title\" content=\"some \\\"thing\\\"\" />"

Simple way is just do

name.gsub("\"", "\\\"")

but looks weird

Answer 1

To properly encode a double quote in an HTML attribute value, there are several ways:

• You can use an unescaped " if the attribute value itself is delimited by '...' or vice-versa: (just like strings in Ruby)

  <meta property="og:name" content='some "thing"' />
  

• If the attribute value is delimited by "...", you can use the double quote's numeric character reference ":

  <meta property="og:name" content='some &#34;thing&#34;' />
  

• or its character entity reference ":

  <meta property="og:name" content="some &quot;thing&quot;" />
  

From within Ruby, you could call CGI.escapeHTML: (I'm using Ruby's %(...) percent string literal here for the meta tag string, so I don't have to escape all the ")

require 'cgi'

name = 'some "thing"'
meta = %(<meta property="og:name" content="#{CGI.escapeHTML(name)}" />)
#=> "<meta property=\"og:name\" content=\"some &quot;thing&quot;\" />"

puts meta

Or the tag helper if you're using Rails:

<%= tag(:meta, property: 'og:name', content: name) %>

Both of the above output:

<meta property="og:name" content="some &quot;thing&quot;" />