Last active
April 11, 2016 07:28
-
-
Save tomdalling/e172740f4f18c0f53d036bb0f8b775a7 to your computer and use it in GitHub Desktop.
Cells Erbse automatic escaping
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'cell' | |
| class AppCell < Cell::ViewModel | |
| include ::Cell::Erb | |
| def show | |
| render | |
| end | |
| def template_options_for(*args) | |
| super.merge(escape: true) | |
| end | |
| end | |
| class Cell::ViewModel::OutputBuffer | |
| def safe_expr_append=(value) | |
| self.safe_append = CGI.escape_html(value.to_s) | |
| end | |
| end | |
| # Makes this ERB code work: | |
| # | |
| # Escape this: <%= "<b>should not be bold</b>" %> | |
| # Don't escape this: <%== '<a href="#">muh link</a>' %> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment