Ruby on Rails raw tag inside a link_to


I have been having problems with variables inside link_to tags; they work when wrapped in raw.

What does raw mean? Is it good practice to use it to wrap strings and variables inside the tag?

From the official Rails raw documentation:

This method outputs without escaping a string. Since escaping tags is now default, this can be used when you don't want Rails to automatically escape tags. This is not recommended if the data is coming from the user's input.

It's not good practice to use raw because it bypasses the default Rails input sanitization. Use it if you know what you are doing.

If you need to use raw HTML inside a link_to, you can pass a block.

<%= link_to root_url do %>
  <span>my link</span>
<% end %>

Another alternative is to use Rails helpers that sanitize the input.

<%= link_to content_tag(:span, "unsafe input"), root_url %> 
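
The difference between the three forms above, as an added example that is not part of the original answer and is not Rails' own code: a simplified stand-alone model of the output-safety flag using only Ruby's standard library. `SafeString` and `escape_unless_safe` are hypothetical names, and the `raw`, `content_tag` and `link_to` defined here are reduced stand-ins for the Rails helpers of the same names.

```ruby
require "erb"

# Simplified stand-in for Rails' "html safe" string: a string flagged as
# already safe to emit into HTML without escaping.
class SafeString < String
  def html_safe?
    true
  end
end

# Escape anything not flagged safe (what the view layer does by default).
def escape_unless_safe(value)
  return value if value.respond_to?(:html_safe?) && value.html_safe?
  SafeString.new(ERB::Util.html_escape(value.to_s))
end

# Model of raw: flags the string as safe WITHOUT escaping it.
def raw(value)
  SafeString.new(value.to_s)
end

# Model of content_tag: the tag itself is trusted markup, its content is escaped.
def content_tag(name, content)
  SafeString.new("<#{name}>#{escape_unless_safe(content)}</#{name}>")
end

# Model of link_to(body, url): the body is escaped unless it is flagged safe.
def link_to(body, url)
  href = ERB::Util.html_escape(url)
  SafeString.new(%(<a href="#{href}">#{escape_unless_safe(body)}</a>))
end

user_input = "<script>alert(1)</script>" # constructed sample of untrusted input

puts link_to(user_input, "/")                      # escaped by default
puts link_to(raw(user_input), "/")                 # markup passes through untouched
puts link_to(content_tag(:span, user_input), "/")  # span kept, input escaped
```
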
