On Sep 27, 10:19 pm, SpringFlowers AutumnMoon <rails-mailing-
[EMAIL PROTECTED]> wrote:
> Andreas S. wrote:
> >> <input type='hidden' value='<%= h(user_comment %>'>
>
> > Just don't, it's not correct HTML.
>
> really -- i thought HTML 4.01 allows using either double or single
> quote?
>
perhaps, but if h() doesn't escape single quotes then you'd want to
avoid using single quotes as the attribute value delimiter.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
