views:

56

answers:

1

How can i replace all &gt; with > and &lt; with < inside a <code> tag with ruby?

For example: <code>&lt;script&gt;alert('I steal cookies');&lt;/script&gt;</code>

With: <code><script>alert('I steal cookies);<script><code>

The reason for this is because the h() method escapes all the < and >

Thanks, Micke

+1  A: 

The reason for this is because the h() method escapes all the < and >

The method works correctly, the tags should be escaped. Why do you want to unescape them?

If you don’t want to escape the output (because you actually want to output tags), simply don’t call h().

If you don’t have control over the calling of h(), then you may mark your string as “HTML safe” by calling the appropriate method on your string before passing it to h(). But it’s really hard to say if that’s appropriate for you:

s = "<strong>example</strong>".html_safe
h(s) # = "<strong>example</strong>"

Or:

s = "<strong>example</strong>"
s.html_safe!
h(s) # = "<strong>example</strong>"
Konrad Rudolph
I'm using maruku to enable markdown.And i don't want to escape tags inside of a `<code>` tag because if i fo that the browser outputs `>` and `<` insteade of `<>`.
Micke
@Micke: No, the browser does **not** do that. Definitely. If that happens, you’re escaping twice. My guess is that maruku is automatically escaping code inside `<code>` tags so you mustn’t do that yourself.
Konrad Rudolph
yeah, my bad. You are right. but Maruku doesnt escape the other text outside the code tag:(
Micke