This is pretty basic but I'm not having any luck finding anything in the Rails documentation. There is a view helper method (Ruby code, not HAML) that returns
link_to(user_controlled_text, destination, options)
and I need to wrap an HTML element (namely <bdi>
) around the user_controlled_text
. If I do
link_to("<bdi>#{user_controlled_text}</bdi>", ...)
then my element is treated as part of the user-controlled text to be escaped. Fair enough. How do I tell Rails not to escape the <bdi>
and </bdi>
but still escape the user_controlled_text
?
Use content_tag
:
link_to(content_tag(:bdi, user_controlled_text), destination)
# or with a block
link_to(destination) do
content_tag(:bdi, user_controlled_text)
end
Try link_to("<bdi>#{h user_controlled_text}</bdi>".html_safe, ...)
.
If the h
doesn't work, use ERB::Util::h
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With