Methods

Instance Public methods

raw(stringish)

This method outputs without escaping a string. Since escaping tags is now default, this can be used when you don't want Rails to automatically escape tags. This is not recommended if the data is coming from the user's input.

For example:

raw @user.name
# => 'Jimmy <alert>Tables</alert>'
📝 Source code
# File actionview/lib/action_view/helpers/output_safety_helper.rb, line 18
      def raw(stringish)
        stringish.to_s.html_safe
      end
🔎 See on GitHub

safe_join(array, sep = $,)

This method returns an HTML safe string similar to what Array#join would return. The array is flattened, and all items, including the supplied separator, are HTML escaped unless they are HTML safe, and the returned string is marked as HTML safe.

safe_join([raw("<p>foo</p>"), "<p>bar</p>"], "<br />")
# => "<p>foo</p>&lt;br /&gt;&lt;p&gt;bar&lt;/p&gt;"

safe_join([raw("<p>foo</p>"), raw("<p>bar</p>")], raw("<br />"))
# => "<p>foo</p><br /><p>bar</p>"
📝 Source code
# File actionview/lib/action_view/helpers/output_safety_helper.rb, line 33
      def safe_join(array, sep = $,)
        sep = ERB::Util.unwrapped_html_escape(sep)

        array.flatten.map! { |i| ERB::Util.unwrapped_html_escape(i) }.join(sep).html_safe
      end
🔎 See on GitHub

to_sentence(array, options = {})

Converts the array to a comma-separated sentence where the last element is joined by the connector word. This is the html_safe-aware version of ActiveSupport's Array#to_sentence.

📝 Source code
# File actionview/lib/action_view/helpers/output_safety_helper.rb, line 43
      def to_sentence(array, options = {})
        options.assert_valid_keys(:words_connector, :two_words_connector, :last_word_connector, :locale)

        default_connectors = {
          words_connector: ", ",
          two_words_connector: " and ",
          last_word_connector: ", and "
        }
        if defined?(I18n)
          i18n_connectors = I18n.translate(:'support.array', locale: options[:locale], default: {})
          default_connectors.merge!(i18n_connectors)
        end
        options = default_connectors.merge!(options)

        case array.length
        when 0
          "".html_safe
        when 1
          ERB::Util.html_escape(array[0])
        when 2
          safe_join([array[0], array[1]], options[:two_words_connector])
        else
          safe_join([safe_join(array[0...-1], options[:words_connector]), options[:last_word_connector], array[-1]], nil)
        end
      end
🔎 See on GitHub