Content of textarea needs to be html escaped

Question

Closed this issue 14 years ago · 1 comments

Fix is to remove the html_safe flag (is there a better way?), so the content will automatically be correctly html escaped:

change:

text_area_tag 'remotipart_response', content

to:

text_area_tag('remotipart_response', String.new(content))

Answer 1 · 2010-12-08T19:22:53.000Z

Fixed with version 0.2.0 released today. Thanks for the feedback and help.