Alex P wrote in post #961467: > Hi, > > I have a helper that include JS file contents into my view (for per- > view JS injections).
Don't ever do that! JS does not belong in your HTML. > > For some reason (render :file => "inject/#{filename}.js") % > [ "foo" ] > combined with string formatting, assuming there's a replacement > pattern %s in {filename}.js, replaces all double quotes that were met > in {filename}.js to " > > It doesn't escape single quotes, and doesn't even escape double quotes > when using no replacement pattern. That is correct HTML escaping. [...] > Is there some mechanism in Rails that may force symbols to be HTML- > encoded in case of replacement? It may also be a bug. > Thank you! Rails 3 HTML-escapes strings by default. You can turn it off, or declare a particular string as safe, but in this case the better solution would be to fix your design problem: put your JS and HTML in separate files. Best -- Marnen Laibow-Koser http://www.marnen.org mar...@marnen.org -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-t...@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.