如何联合国转义html字符串 [英] How to UN-escape html strings

问题描述

所以我有一个存储预先转义的文本字符串的数据库表（不要问我为什么......我不知道），我需要把它作为一个RAW字符串放在页面上。所有的rails输出函数似乎都会跳出输出。

ex
<％= @string％> 会在打印到屏幕前转义字符串的特殊字符。

所以如果我有字符串& amp; 我最终得到了类似于& amp; amp; 的东西，并且屏幕上的输出只是& amp; $ div

$ b $ p

您可以使用html_safe。

> html_safe实际上将字符串设置为HTML安全（它比这更复杂一点，但它基本上是这样）。这样，您就可以随意从助手或模型中返回HTML安全字符串。

只能从控制器或视图中使用，因为它来自助手。它会迫使输出逃脱。它并没有被废弃，但你很可能不再使用它：唯一的用法是恢复html_safe声明，这很不寻常。

将表达式与raw实际上相当于调用html_safe，但是，就像h一样，它是在助手中声明的，所以它只能用于控制器和视图。

这是一个关于SafeBuffers（html_safe magic的类）如何工作的很好的解释： http://yehudakatz.com/2010/02/01/safebuffers-and-rails-3-0/

So I have a database table that stores pre-escaped text strings (don't ask me why ... I don't know) and I need to put it on the page as a RAW string. All of the rails output functions seems to escape the output.

ex <%= @string %> will escape the string's special characters before printing to the screen

So if I have the string & I end up with something like & and the output to the screen is simply &

解决方案

You can use html_safe for the same.

html_safe actually "sets the string" as HTML Safe (it's a little more complicated than that, but it's basically it). This way, you can return HTML Safe strings from helpers or models at will.

h can only be used from within a controller or view, since it's from a helper. It will force the output to be escaped. It's not really deprecated, but you most likely won't use it anymore: the only usage is to "revert" an html_safe declaration, pretty unusual.

Prepending your expression with raw is actually equivalent to calling html_safe on it, but, just like h, is declared on a helper, so it can only be used on controllers and views.

Here's a nice explanation on how the SafeBuffers (the class that does the html_safe magic) work: http://yehudakatz.com/2010/02/01/safebuffers-and-rails-3-0/

这篇关于如何联合国转义html字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！