RubyFlow The Ruby and Rails community linklog

Stay safe while using html_safe in Rails

http://product.reverb.com/2015/08/29/stay-safe-while-using-html_safe-in-rails/

Don’t accidentally introduce XSS vulnerabilities to your app when using html_safe. Learn what ActiveSupport::SafeBuffer is and how you should use it.
