Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Any clever workaround to avoid having to type the h method everywhere?

Tags:

security

ruby-on-rails

xss

It seems ridiculous (and a violation of DRY) to have to type the h method all over the place in your view code to make it safe.

Has anyone come up with a clever workaround for this?

like image 262
conor Avatar asked Dec 22 '22 09:12

conor

1 Answers

DHH (creator of Rails) agrees with you. Rails 3 will escape output by default.

like image 77
Larry K Avatar answered Jan 12 '23 01:01

Larry K
Sign in to Comment

Related questions

Redis permission denied while opening dump.rdb
Remove all a tags from string
Unable to activate concurrent-ruby-ext-1.1.3, because concurrent-ruby-1.1.4 conflicts with concurrent-ruby (= 1.1.3) (Gem::ConflictError)
Which is better to use in Rails model validation: Proc or lambda? [closed]
Rails 6 - How to use the old sprocket assets pipeline instead of webpacker?
TypeError - can't quote Rack::Session::SessionId
Rails rake task fails just in production: "NoMethodError: private method `open' called for URI:Module"
How to force Puma start in single mode on Rails?
Rails state of the art for spam prevention
text_field_with_auto_complete inside form_for
how to place YAML inside a YAML document
Two foreign keys with ActiveRecord? [rails]
Ruby on Rails deployment requirements
How do I use redirect_to if I've got multiple controllers in different subdirectories?
Want to show the first 50 or 60 words of a text field in ruby?
Shallow routes with path_prefix?
Rails error "NoMethodError" - My first ruby app
How should I sanitize user input before passing it to %x (executing it)?
Search in Ruby On Rails
How to keep data when run test in rails

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!