API Guides

class method self.html_escape

Ruby on Rails 3.0.20

Since v2.3.18 Last seen in v7.0.10

Available in: v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 

self.html_escape(s)

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERB templates, use this method to escape any unsafe content. For example:

<%=h @person.name %>

Example:

puts html_escape("is a > 0 & a < 10?")
# => is a &gt; 0 &amp; a &lt; 10?

Parameters

s req
Source 
# File activesupport/lib/active_support/core_ext/string/output_safety.rb, line 19
      def html_escape(s)
        s = s.to_s
        if s.html_safe?
          s
        else
          s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe
        end
      end

Defined in activesupport/lib/active_support/core_ext/string/output_safety.rb line 19 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ERB::Util

Type at least 2 characters to search.

↑↓ navigate · open · esc close