I am using rails 3.0 and I have an xml file where I store the content of my webpage. So for example, to fill in the body section of a given html page, I extract the content of the tag using REXML methods in ruby.
I would like to store a content with HTML tag inside this XML tag. Say, the following is my favorite content:
<body><strong>XXX</strong></body>
I am inserting this text in its escaped version so that XML parser doesn't interpret it as some content.
"<strong> XXX </strong>"
Running seeds.rb file, I am reading this content to the database and eventually render it as an html page.
I tried many methods, I was unable to obtain what I want, namely: XXX
thanks for your help.
Another easy to output raw content
<%== #content.body %>
It's exactly the same as
<%= raw #content.body %>
it's just a shorthand method to output raw content
try putting the html inside a CDATA section (unescaped):
<xmlNode>
<![CDATA[
<body><strong>XXX</strong></body>
]]>
</xmlNode>
solved the problem, in my XML file, I have this content entered unescaped as it is:
<body>
<strong>XXX</strong>
</body>
in my seeds.rb file, I read the child of node with:
k.children[1].to_s
and finally in the controller, I declare the content as .html_safe:
<%= content_tag(:div, #content.body.html_safe) %>
Related
i have one mailer file called schedule_mailer.html.erb
in that I'm trying to use a helper method from that I'm rendering the contents
in scheudle_mailer.html.erb
<p style='font-size:15px;margin:0 25px 20px 25px' >
<%= body_text_tag() %>
</p>
in helper.rb
i need to send a string which includes <b> as well as <br>
but I'm receiving in mail as <b> and <br> tag itself.
my helper method
def body_text_tag()
body = "This email to inform you that"
if #creation
body + "your hotel schedule has been created <br>
<b>timings :</b> #{#timings}, <br>
<b>Room number :</b> #{#room number},<br>
....
....
....
elsif ....
.....
end.
as I have tried tag(:br), inside the string, even though it's rendering the mail with the tag(:br) itself, instead of the break line.
how to approach this kind of tags in the string to HTML?
The reason this doesn't work is that in Rails when you append a normal string to a safe buffer its automatically escaped to prevent XSS attacks.
irb(main):076:0> "<b>Hello".html_safe + "World</b>"
=> "<b>HelloWorld</b>"
If you want to create text that contains HTML tags from a helper you need to mark the portions that are HTML tags as safe:
"<b>".html_safe + #timings + "</b>".html_safe
Do not do:
"<b>#{ #timings }</b>".html_safe
Unless you actually know that the content is actually safe and doesn't contain user input.
This is what the tag helpers do automatically for you:
content_tag(:b, #timings)
tag.b(#timings)
But this code most likely doesn't actually belong in a helper in the first place. Use a view or a partial and write it in ERB.
one of the solutions which I tried and worked for me is to use html_safe, in the mailer.
as
<%= body_text_tag().html_safe %>
I know thas it sounds a little weird. I need to generate an html file based on an html.erb template which has many variables. I will give an oversimplified example.
In my viwes/pages/home.html.erb I have:
<html>
<h1> <%= #name %> </h1>
</html>
In my pages_controller.rb:
def home
#name = 'Michaela'
end
When the home funcion is called, it will render the home.html.erb and in the browser, the content will be showed as if it was opnening an .html file that looks like the following:
<html>
<h1> Michaela </h1>
</html>
What I need is to generate an plain html file with that content, after #name has been defined, so if instad of being hardcoded, it´s inputted by the user, the .html file defines it´s content accroding to that user input.
As Maxence recommended, I used the render_to_string helper to finally store the generated html into a variable, and manipulate it in that way.
Okay I've been searching for this one and found a possible duplicate here (what does " <%: " do?). However this question adresses <%= and <%:, but not <%-.
So just to be sure I'm still asking my question.
I'm trying to setup a node.js/express/d3 application rendered on the server side. I found a repo describing what I want to do here:
https://github.com/gregjopa/d3-server-side-demo/blob/master/index.html
In that html code there is a snippet that I'd like to actually convert in jade:
<h1>D3 Server-side Demo</h1>
<%-
barChartHelper.getBarChart({
data: fixtureData,
width: 400,
height: 300,
xAxisLabel: '2012',
yAxisLabel: 'Views',
containerId: 'bar-chart-small'
})
%>
So I have two questions:
1)What is the meaning of the <%- %> in html?
And
2) How do I write this in jade?
Thanks,
The codebase you linked has EmbeddedJS as a dependency. EJS is a templating library which allows for using those tags.
Unescaped buffering with <%- code %>
So basically: These are not HTML tags, just tags belonging to a different templating language that allow inline JS code to be executed
You can use the same in Jade as explained in the docs
Unescaped Buffered Code
Unescaped buffered code starts with != and outputs the result of evaluating the JavaScript expression in the template.
I have a blog that saves input from html input tags, saves them as XML into a sqlite3 database, and then finally renders the content inside of this tag.
<p>
<b>Content:</b>
<%= #post.content %>
</p>
I need this .content to be able to render HTML. Any ideas?
For these kind of situations, you have to use either:
Markup language like RedCloth,
Or an editor like CKEditor.
Using CKEditor is a breeze with the CKEditor gem
And please note if you are using Rails 3, you need to explicitly say you want raw HTML, like this:
<p>
<b>Content:</b>
<%= raw #post.content %>
</p>
New to RoR, so please don't kill me ;)
Was wondering why does not Rails 3 recognize HTML tags retrieved from database?
For example,
Name Content
Title <b>Great</b> Show Edit Destroy
I wanted to have Content to be bold and put < b > tag around it, when it retrieves from a database it looks like a plain English.
Any thoughts?
Thank you in advance.
If I got this right, you need to do this:
<%= myrecord.content.html_safe %>
to get "real" html and not just escaped html code.
Even though it is unsafe to deliberately output HTML from the DB, you should call raw on the content you're trying to print.
<%= raw #object.my_content %>