I am using Rails 2.3.9, and have installed the rails_xss plugin. I have made everything that needs to be html_safe, but have just noticed a problem when a form helper fails validation. When i enter an incorrect email address, and it fails validation, i get the following in my browser:
<span class="fieldWithErrors"><label class="concise" for="user_session_email">Email Address:</label></span> <span class="fieldWithErrors"><input class="txt" id="user_session_email" name="user_session[email]" size="30" type="text" value="not_a_proper_email_address" /></span
I guess this is to do with rails_xss, but i don't know how to fix it. Thanks
preguntado el 08 de enero de 11 a las 16:01
Well i seem to have fixed the problem with this hack added to environment.rb
ActionView::Base.field_error_proc = Proc.new do |html_tag, instance| '<span class="field_with_errors">'.html_safe << html_tag << '</span>'.html_safe end
Is this a bug? is this really the best fix??