Los ayudantes de formulario de Ruby on Rails se escapan cuando tienen errores

I am using Rails 2.3.9, and have installed the rails_xss plugin. I have made everything that needs to be html_safe, but have just noticed a problem when a form helper fails validation. When i enter an incorrect email address, and it fails validation, i get the following in my browser:

<span class="fieldWithErrors"><label class="concise" for="user_session_email">Email Address:</label></span> <span class="fieldWithErrors"><input class="txt" id="user_session_email" name="user_session[email]" size="30" type="text" value="not_a_proper_email_address" /></span

I guess this is to do with rails_xss, but i don't know how to fix it. Thanks

preguntado el 08 de enero de 11 a las 16:01

1 Respuestas

Well i seem to have fixed the problem with this hack added to environment.rb

ActionView::Base.field_error_proc = Proc.new do |html_tag, instance|
  '<span class="field_with_errors">'.html_safe << html_tag << '</span>'.html_safe
end

Is this a bug? is this really the best fix??

Respondido el 08 de enero de 11 a las 19:01

yeah, I had to do that too. There was a bug posted against rails in 2007 but it was on the old bug tracking system and the link to it no longer works. see ethilien.net/archives/… - the bug link is in the comments. - ffoeg

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.