2

I would expect that the following:

<div style="padding-top:90px;"><%= u.one_line %></div>

simply pulls whatever is in u.one_line (which in my case is text from the database), and puts it in the HTML file. The problem I'm having is that sometimes, u.one_line has text with formatted HTML in it (just line breaks). For example sometimes:

u.one_line is "This is < / b r > awesome"

and I would like the page to process the fact that there's a line break in there... I had to put it with spaces up ^^^ here because the browser would not display it otherwise on Stack Overflow. But on my server it's typed correctly; unfortunately, instead of the browser processing the line break, it prints out the "< / b r>" part...

I hope you guys understand what I mean :(?

1 Answer

6

Always remember to use raw or html_safe for HTML output in Rails, because Rails by default auto-escapes HTML content to protect against XSS attacks.

For more, see When to use raw() and when to use .html_safe

1 Comment

Glad I could be of any help
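
An added example, not part of the original answer: `raw` and `html_safe` send every tag stored in the column to the page, so this sketch compares them with escaping the value first and re-enabling only the line-break tag. Plain Ruby's `ERB::Util.html_escape` stands in for the Rails view's auto-escaping; the helper names and sample strings are assumptions constructed for illustration.

```ruby
require "erb"

# Constructed sample values standing in for u.one_line (not from the original post).
BENIGN  = "This is </br> awesome"
HOSTILE = "Nice <br> day<script>alert(1)</script>"

# What `<%= raw u.one_line %>` or `u.one_line.html_safe` does: the stored
# string reaches the page unchanged, markup included.
def render_raw(text)
  text
end

# What the default `<%= u.one_line %>` does in a Rails view: every HTML
# metacharacter is escaped, so the line break shows up as literal text.
def render_escaped(text)
  ERB::Util.html_escape(text)
end

# Escaped forms of the accepted line-break spellings: <br>, <br/>, <br />, </br>.
# A tag carrying attributes does not match and therefore stays escaped.
ESCAPED_BR = %r{&lt;\s*/?\s*br\s*/?\s*&gt;}i

# Allowlist approach: escape everything first, then turn only the escaped
# line-break tags back into a real <br>. No other tag survives.
def render_with_line_breaks(text)
  ERB::Util.html_escape(text).gsub(ESCAPED_BR, "<br>")
end

if __FILE__ == $PROGRAM_NAME
  [BENIGN, HOSTILE].each do |value|
    puts "stored : #{value}"
    puts "raw    : #{render_raw(value)}"
    puts "escaped: #{render_escaped(value)}"
    puts "br only: #{render_with_line_breaks(value)}"
    puts
  end
end
```

In a Rails view, the built-in `sanitize(u.one_line, tags: %w[br])` helper applies the same allowlist idea without hand-written escaping.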
