In Sinatra, using erubis, the default setting for escape_html is true.
But sometimes I want to unescape, because I do not want to add too much escape_html. Don't repeat yourself. :)
helpers:
def raw(string)
  CGI::unescape_html(string)
end
views:
<div class="body">
  <%= raw "<h1>Thanks for help...</h1>" %>
</div>
does not work.
Just to add some tips. Erubis has the ability to escape (sanitize) expressions. The Erubis::Eruby class acts as follows:
<%= expr %> - not escaped.
<%== expr %> - escaped.
<%=== expr %> - out to $stderr.
<%==== expr %> - ignored.
Source
Not sure about which version of Erubis you use, but it seems like it has a special kind of tag for that particular case: with two equals signs. So the line from your example might look like:
<%== "<h1>Thanks for help...</h1>" %>
Calling CGI::unescape should not be necessary, because the string is initially not escaped. All you need is to prevent escaping, not undo it.
But if your Erubis doesn't understand <%==, or if you use ERB, not Erubis, then sorry, I don't know any other solution except what you said: disable HTML escaping for the entire file and use h everywhere you do need escaping.
FYI, in Rails there are also special helpers for this, raw and String#html_safe, but as far as I can see they are part of ActiveSupport and not available in Sinatra.
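The tag behaviour discussed in the answers above, as an added example that is not part of the original posts and does not use Erubis itself: a toy, stdlib-only renderer (the names `render` and `ViewScope` are hypothetical) that models the two output tags, assuming that with escape_html enabled `<%= %>` escapes and `<%== %>` emits the value unchanged. It shows why the `raw` helper from the question cannot work and why the unescaped tag belongs only on trusted markup; all sample strings are constructed.

```ruby
require 'cgi'

# Constructed stand-in for the view scope: the question's helper plus sample data.
class ViewScope
  attr_reader :comment

  def initialize(comment)
    @comment = comment # constructed, untrusted user input
  end

  # The helper from the question (CGI.unescapeHTML is the same method as
  # CGI::unescape_html). It runs BEFORE the template escapes the result,
  # so it only undoes escaping that has not happened yet.
  def raw(string)
    CGI.unescapeHTML(string)
  end
end

# Toy model of the <%= %> and <%== %> output tags only (assumption: not Erubis).
# escape_default: true models escape_html => true, where the two tags swap
# meaning relative to the plain Erubis::Eruby table quoted above.
def render(template, scope, escape_default:)
  template.gsub(/<%(==?)\s*(.*?)\s*%>/m) do
    tag = Regexp.last_match(1)
    expr = Regexp.last_match(2)
    value = scope.instance_eval(expr).to_s
    escape = (tag == '=') == escape_default # "==" flips the default
    escape ? CGI.escapeHTML(value) : value
  end
end

SCOPE = ViewScope.new('<script>alert(1)</script>')

# 1. The question's attempt: raw() is a no-op, then auto-escaping still applies.
HELPER_ATTEMPT = render('<%= raw "<h1>Thanks for help...</h1>" %>', SCOPE, escape_default: true)
# 2. Trusted literal markup through the flipped tag: emitted as real HTML.
TRUSTED_MARKUP = render('<%== "<h1>Thanks for help...</h1>" %>', SCOPE, escape_default: true)
# 3. Untrusted input stays on the default tag and is neutralised.
SAFE_COMMENT = render('<p><%= comment %></p>', SCOPE, escape_default: true)
# 4. The same input through the flipped tag reaches the page as live markup,
#    which is why <%== %> must never carry user-controlled values.
UNSAFE_COMMENT = render('<p><%== comment %></p>', SCOPE, escape_default: true)

puts HELPER_ATTEMPT, TRUSTED_MARKUP, SAFE_COMMENT, UNSAFE_COMMENT if $PROGRAM_NAME == __FILE__
```
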