I just discovered Erubis, a replacement for the default view renderer for Ruby on Rails. However, from what I can tell from reading about it, it's superior across the board.
It is much faster.
It has many more options.
It can prevent cross site scripting without having to use h.
Does this have any disadvantages versus the standard erb renderer? Why isn't this the standard renderer packaged with Rails?
Also, the docs for Erubis say to install it just by installing the gem, and then add the following to environment.rb:
require 'erubis/helpers/rails_helper'
#Erubis::Helpers::RailsHelper.engine_class = Erubis::Eruby # or Erubis::FastEruby
Reading the docs, FastEruby seems to be just a faster renderer than Eruby. Why wouldn't it be default and used by everyone?
I'm highly interested in using the engine erubis::EscapedEruby which automatically calls h to escape html on fields from the database. Are there any gotchas I should be aware of or does this pretty much solve all cross site scripting?