API Guides

class method self.html_escape

Ruby on Rails 4.0.13

Since v2.3.18 Last seen in v7.0.10

Available in: v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 

self.html_escape(s)

A utility method for escaping HTML tag characters. This method is also aliased as h.

In your ERB templates, use this method to escape any unsafe content. For example:

<%=h @person.name %>

puts html_escape('is a > 0 & a < 10?')
# => is a &gt; 0 &amp; a &lt; 10?

Parameters

s req
Source 
# File activesupport/lib/active_support/core_ext/string/output_safety.rb, line 19
    def html_escape(s)
      s = s.to_s
      if s.html_safe?
        s
      else
        s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe
      end
    end

Defined in activesupport/lib/active_support/core_ext/string/output_safety.rb line 19 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ERB::Util

Type at least 2 characters to search.

↑↓ navigate · open · esc close