Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Rails escapes HTML in my plain text mails

Tags:

ruby

ruby-on-rails

ruby-on-rails-3

erb

actionmailer

I am using the rails 3.2.5 ActionMailer to send plain text mails. Given I have a mail view like this:

message_from_user.text.erb:

Hi <%= @recipient.name %>,

You got the following message from <%= @sender.name %>:

<%= @message %>

When @message is "quotes & ampersands", then the plain text mail contains &quot;quotes &amp; ampersands&quot;. So it seems like rails just treats this as a HTML view and escapes any html in order to prevent cross site scripting. However this is a plain text mail. The extension is .text.erb and ActionMailer detectes this and sets the MIME to text/plain. So I never want to escape any html in it.

I have quite a few mail templates in my application, they are all plain text. I would consider patching all of them to include <%=raw @message%> or <%= @message.html_safe %> bad style - not very DRY.

I tried varios work-arounds that included money patching Erubis. None of them seem to work. I am looking for some patch or config option or anything to disable escaping html for all .text.erb files.

Any help is greatly appreciated!

like image 590
iblue Avatar asked Aug 01 '12 09:08

iblue

1 Answers

After some hours of debugging through the Erubis code, I found the following fix. You can just put it into config/initializers/fix_my_mails.rb. I've tested this with rails 3.2.7. It may work with other versions.

module ActionView
  class Template
    module Handlers
      class ERB
        def call(template)
          if template.source.encoding_aware?
            # First, convert to BINARY, so in case the encoding is
            # wrong, we can still find an encoding tag
            # (<%# encoding %>) inside the String using a regular
            # expression
            template_source = template.source.dup.force_encoding("BINARY")

            erb = template_source.gsub(ENCODING_TAG, '')
            encoding = $2

            erb.force_encoding valid_encoding(template.source.dup, encoding)

            # Always make sure we return a String in the default_internal
            erb.encode!
          else
            erb = template.source.dup
          end

          self.class.erb_implementation.new(
            erb,
            :trim => (self.class.erb_trim_mode == "-"),
            :escape => template.identifier =~ /\.text/ # only escape HTML templates
          ).src
        end
      end
    end
  end
end

It just disables HTML entities in every erb file containing .text in the file name.

like image 123
iblue Avatar answered Sep 18 '22 23:09

iblue
Sign in to Comment

Related questions

How to use UTF-8 in PDFKit in Rails?
Ruby/Rails - Access a "lookup" table without modeling it?
Difference between helper files and lib files in rails
rendering a partial in a flash message in Rails 3
How to display month and year selection for credit card
validation_context & update_attributes
calling a method in model from view
rails 3.2 development mode is not displaying the full error page with backtrace etc
CSV on heroku Cedar
Rails validation that one value does not equal another
Rails button_to: how to specify the controller?
Error: File to import not found or unreadable: fancy-buttons
OmniAuth + Identity Forgot Password
tap method in Rails 3 - Have I understood the API Docs correctly?
Rails rake db:schema:dump error
Rails reports can't find a column that is there
Finding records with two specific records in another table
Rails ActiveRecord: Getting the id of a raw insert
Ruby RestClient.post for login form
Adding controls inline with simple_form, nested_form and Twitter Bootstrap in Rails

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!