consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use raw instead of html_safe

Browse Source 
They do the exact same thing; however `html_safe` might confuse
developers into thinking it will make the HTML safe. Using `raw` makes
it clear that we're inserting the text without escaping it.
This commit is contained in:
Javi Martín
2019-10-06 16:22:01 +02:00
parent 9eee79f218
commit 89402bdbf6
7 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/views/comments/_form.html.erb
View File

@@ -1,7 +1,7 @@
<% valuation = local_assigns.fetch(:valuation, false) %>
<% cache [locale_and_user_status, parent_id, commentable_cache_key(commentable), valuation] do %>
<% css_id = parent_or_commentable_dom_id(parent_id, commentable) %>
<div id="js-comment-form-<%= css_id %>" <%= "style='display:none'".html_safe if toggeable %> class="comment-form">
<div id="js-comment-form-<%= css_id %>" <%= raw("style='display:none'") if toggeable %> class="comment-form">
<%= form_for Comment.new, remote: true do |f| %>
<%= f.text_area :body,
id: "comment-body-#{css_id}",