I am trying to do a simple thing where:
_flash.js.erb:
$("#alerts").append("<%=j render :template => "shared/_flash.html.erb" %>");
Note the <%=j... which escapes the javascript.
_flash.html.erb:
<% flash.each do |key, value| %>
<div class="alert-message top <%= "#{key}" %> fade in" data-alert="alert">
<a class="close" href="#">x</a>
<p><%=j value %></p>
</div>
<% end %>
When _flash.js.erb is called, however, something like the following is appended:
$("#alerts").append(" \u003Cdiv class=alert-message top warning fade in data-alert=alert\u003E
\u003Ca class=close href=#\u003Ex\u003C/a\u003E
\u003Cp\u003ELooks like you have already linked with Facebook.\u003C/p\u003E
\u003C/div\u003E
");
Without the javascript escaping, the response is like this:
$("#alerts").append(" <div class="alert-message top warning fade in" data-alert="alert">
<a class="close" href="#">x</a>
<p>Looks like you have already linked with Facebook.</p>
</div>
");
What is the recommended way in rails 3 to achieve the above in a robust fashion?
Use escape_javascript
instead; you're JSON-escaping it.
You could alias something the same way j
is an alias to json_escape
; it's just a helper.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.