Rails html encoding - html

I am using h helper method in Rails to encode/escape a string that has an apostrophe (') In my view I am using it like this
<%=h "Mike's computer" %>
My understanding is that the html when viewing the source should be Mike%27s computer but the html produced has an apostrophe in it, Mike's computer
Am I missing something obvious?
How do I get my desired result of Mike%27s computer?
Help is always appreciated.

An apostrophe is a valid character in HTML. It is not encoded because it is not needed to be encoded.

If you want to encode a URL, use u helper:
>> fer#:~/$ script/console
Loading development environment (Rails 2.3.8)
>> include ERB::Util
=> Object
>> h "Mike's computer"
=> "Mike's computer"
>> u "Mike's computer"
=> "Mike%27s%20computer"
>>

If we look at the source code of the h method (it is an alias for html_escape), it is not that hard to just open the file and add the single quote (') to the HTML_ESCAPE constant in the file.
Below is the source code of the method with the location of the method in the file. Find the constant and and the quote in. You can even add more things inside as you want it.
HTML_ESCAPE = { '&' => '&', '>' => '>', '<' => '<', '"' => '"' }
File actionpack/lib/action_view/template_handlers/erb.rb, line 17
17: def html_escape(s)
18: s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
19: end
CAVEAT: This modification will affect all projects that uses the library.
OR an alternative will be to create a view helper method say in ApplicationHelper
def h_with_quote(s)
HTML_ESCAPE = { "'" => "%27"}
h(s).gsub(/[']/) {|special| HTML_ESCAPE[special]}
end
That approach should be safer.

Related

LISP: how to properly encode a slash ("/") with cl-json?

I have code that uses the cl-json library to add a line, {"main" : "build/electron.js"} to a package.json file:
(let ((package-json-pathname (merge-pathnames *app-pathname* "package.json")))
(let
((new-json (with-open-file (package-json package-json-pathname :direction :input :if-does-not-exist :error)
(let ((decoded-package (json:decode-json package-json)))
(let ((main-entry (assoc :main decoded-package)))
(if (null main-entry)
(push '(:main . "build/electron.js") decoded-package)
(setf (cdr main-entry) "build/electron.js"))
decoded-package)))))
(with-open-file (package-json package-json-pathname :direction :output :if-exists :supersede)
(json:encode-json new-json package-json))
)
)
The code works, but the result has an escaped slash:
"main":"build\/electron.js"
I'm sure this is a simple thing, but no matter which inputs I try -- "//", "/", "#//" -- I still get the escaped slash.
How do I just get a normal slash in my output?
Also, I'm not sure if there's a trivial way for me to get pretty-printed output, or if I need to write a function that does this; right now the output prints the entire package.json file to a single line.
Special characters
The JSON Spec indicates that "Any character may be escaped.", but some of them MUST be escaped: "quotation mark, reverse solidus, and the control characters". The linked section is followed by a grammar that show "solidus" (/) in the list of escaped characters. I don't think it is really important in practice (typically it needs not be escaped), but that may explain why the library escapes this character.
How to avoid escaping
cl-json relies on an internal list of escaped characters named +json-lisp-escaped-chars+, namely:
(defparameter +json-lisp-escaped-chars+
'((#\" . #\")
(#\\ . #\\)
(#\/ . #\/)
(#\b . #\Backspace)
(#\f . #\)
(#\n . #\Newline)
(#\r . #\Return)
(#\t . #\Tab)
(#\u . (4 . 16)))
"Mapping between JSON String escape sequences and Lisp chars.")
The symbol is not exported, but you can still refer to it externally with ::. You can dynamically rebind the parameter around the code that needs to use a different list of escaped characters; for example, you can do as follows:
(let ((cl-json::+json-lisp-escaped-chars+
(remove #\/ cl-json::+json-lisp-escaped-chars+ :key #'car)))
(cl-json:encode-json-plist '("x" "1/5")))
This prints:
{"x":"1/5"}

JSON to Hash in Ruby and vice-versa using Files - Parser Error

I am trying to save data from a Hash to a file. I convert it to JSON and dump it into the file.
When I try to parse back from file to hash I get JSON::ParserError
Code to convert Hash to JSON file: (works fine)
user = {:email => "cumber#cc.cc", :passwrd => "hardPASSw0r|)"}
student_file = File.open("students.txt", "a+") do |f|
f.write JSON.dump(user)
end
After adding a few values one by one to the file it looks something like this:
{"email":"test1#gmail.com","passwrd":"qwert123"}{"email":"test3#gmail.com","passwrd":"qwert12345"}{"email":"cumber#cc.cc","passwrd":"hardPASSw0r|)"}
I tried the following code to convert back to Hash but it doesn't work:
file = File.read('students.txt')
data_hash = JSON.parse(file)
I get
System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/json/common.rb:155:in `parse': 757: unexpected token at '{"email":"test3#gmail.com","passwrd":"qwert12345"}{"email":"cumber#cc.cc","passwrd":"hardPASSw0r|)"}' (JSON::ParserError)
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/json/common.rb:155:in `parse'
from hash_json.rb:25:in `<main>'
My goal is to be able to add and remove values from the file.
How do I fix this, where was my mistake? Thank you.
This should work:
https://repl.it/EXGl/0
# as adviced by #EricDuminil, on some envs you need to include 'json' too
require 'json'
user = {:email => "cumber#cc.cc", :passwrd => "hardPASSw0r|)"}
student_file = File.open("students.txt", "w") do |f|
f.write(user.to_json)
end
file = File.read('students.txt')
puts "saved content is: #{JSON.parse(file)}"
p.s. hope that this is only an example, never store passwords in plain-text! NEVER ;-)

How do I replace entity references with character references?

I'm looking for a way in Ruby or Rails to replace entity references ( ) in a file with their character reference equivalents ( ).
is the main offender, but I'd like to do the replacement systematically rather than just hand coding a bunch of gsubs.
You can use the HtmlEntities gem:
gem install htmlentieties
require 'htmlentities'
decoded = HTMLEntities.new.decode ' Hello'
decoded[0].ord #=> 160
As Stefan mentioned in the comment, if you want to encode it back using reference numbers, just decode the string and encode it with the :decimal flag:
require 'htmlentities'
text = ' Hello'
coder = HTMLEntities.new
final_text = coder.encode coder.decode(' Hello'), :decimal
p final_text #=>  Hello
"Max Williams".html_safe => "Max Williams"
This is functionality of Rails's Active Support.

FeedTools behaves differently with JRuby

With Ruby 1.8, FeedTools is able to get and parse rss/atom feed links given a non-feed link. For eg:
ruby-1.8.7-p174 > f = FeedTools::Feed.open("http://techcrunch.com/")
=> #<FeedTools::Feed:0xc99cf8 URL:http://feeds.feedburner.com/TechCrunch>
ruby-1.8.7-p174 > f.title
=> "TechCrunch"
Whereas, with JRuby 1.5.2, FeedTools is unable to get and parse rss/atom feed links given a non-feed link. For eg:
jruby-1.5.2 > f = FeedTools::Feed.open("http://techcrunch.com/")
=> #<FeedTools::Feed:0x1206 URL:http://techcrunch.com/>
jruby-1.5.2 > f.title
=> nil
At times, it also gives the following error:
FeedTools::FeedAccessError: [URL] does
not appear to be a feed.
Any ideas on how I can get FeedTools to work with JRuby?
There seems to be a bug in the feedtools gem. In the method to locate feed links with a given mime type, replace 'lambda' with 'Proc.new' to return from the method from inside the proc when the feed link is found.
--- a/feedtools-0.2.29/lib/feed_tools/helpers/html_helper.rb
+++ b/feedtools-0.2.29/lib/feed_tools/helpers/html_helper.rb
## -620,7 +620,7 ##
end
end
get_link_nodes.call(document.root)
- process_link_nodes = lambda do |links|
+ process_link_nodes = Proc.new do |links|
for link in links
next unless link.kind_of?(REXML::Element)
if link.attributes['type'].to_s.strip.downcase ==

export to csv using fastercsv and CSV::Writer (Ruby on Rails)

What am I trying to do: export data to csv.
I have a form which allows user to select the format (from a drop down menu). So based on the selection of the format the ouput is displayed using a ajax call. Works fine for html but when I select the format as csv I don't see any pop up on the screen (asking to save or open the file) and neither any file gets downloaded directly.
I tried using Fastercsv (but the problem is that I don't see any pop up asking me whether I want to save or open the file) and CSV::Writer where I get this error message on the console.
NoMethodError (You have a nil object when you didn't expect it!
The error occurred while evaluating nil.bytesize):
actionpack (2.3.4) lib/action_controller/streaming.rb:142:in `send_data'
Code using Fastercsv:
def export_to_csv
csv_string = FasterCSV.generate(:col_sep => ",") do |csv|
members = ["Versions / Project Members"]
members_selected.each {|member| members << Stat.member_name(member)}
Stat.project_members(project).each {|user| members << user.name}
csv << ["some text", "text 2", "text 3"]
end
return csv_string
end
and this is how I am sending the data:
send_data(export_to_csv,:type => 'text/csv; charset=iso-8859-1; header=present',
:disposition => "attachment", :filename => "filename.csv")
I see the response as "some text, text 2, text 3" in the firebug console but no pop up asking whether I want to save or open the file.
This is what I am doing using CSV::Writer:
def export_to_csv
report = StringIO.new
CSV::Writer.generate(report, ',') do |csv|
csv << ['c1', 'c2']
end
end
and call it as:
send_data(export_to_csv,:type => 'text/csv; charset=iso-8859-1; header=present',
:disposition => "attachment", :filename => "filename.csv")
This is the error which is thrown on the console:
NoMethodError (You have a nil object when you didn't expect it!
The error occurred while evaluating nil.bytesize):
actionpack (2.3.4) lib/action_controller/streaming.rb:142:in `send_data'
send_data is trying to reference an object that is out of scope. Check your closing 'end' statement