In my layout I have
<% @current_user.popups.each do |p| %>
<% content_for :script do %>
<%= "$(document).ready ( function() { $.jGrowl(\"#{p.message}\", { sticky: true }) });" %>
<% end %>
<% end %>
And then in the script section I have
<%= yield :script %>
The problem is that this renders the escaped quotes as \" and javascript doesn't like this.
How can I stop this from happening? Or is there another approach to this? I can't use single quotes because I'd like to have some html in the message. I'd appreciate any help.
In my layout I have
<% @current_user.popups.each do |p| %>
<% content_for :script do %>
<%= "$(document).ready ( function() { $.jGrowl(\"#{p.message}\", { sticky: true }) });" %>
<% end %>
<% end %>
And then in the script section I have
<%= yield :script %>
The problem is that this renders the escaped quotes as \" and javascript doesn't like this.
How can I stop this from happening? Or is there another approach to this? I can't use single quotes because I'd like to have some html in the message. I'd appreciate any help.
Share Improve this question asked May 17, 2010 at 22:22 JamesJames 5,41310 gold badges53 silver badges78 bronze badges2 Answers
Reset to default 12Are you using Rails 3? In Rails 3 html escaping is done by default and you must bypass it each time like the following: jdl had the right idea above, but it sounds like you still have issues.
<% content_for :script do %>
$(document).ready ( function() { $.jGrowl("<%= raw(p.message) %>", { sticky: true }) });
<% end %>
But even better would be to run it through the helper provided by rails: escape_javascript so escape carriage returns and quotes
like this:
$(document).ready ( function() { $.jGrowl("<%= raw(escape_javascript(p.message)) %>", { sticky: true }) });
try adding .html_safe to your string in the view.
<%= "$(document).ready ( function() { $.jGrowl(\"#{p.message.html_safe}\", { sticky: true }) });" %>