I have input that may either be a string or be a string of html. I have figured out how to recognize whether or not the string is html, but I don't know how to have the browser interpret the string as html instead.
For example, instead of having <a href='www.google.com'> Click here!! </a> on the 开发者_如何学Cpage, I would instead like to have the actual link render like: Click Here
View code where I am trying to do this:
<div class="description">
<%= p.description %>
<div>
You need to mark the string as 'html safe' in one of two ways:
<%= raw @string %>
... or by explicitly marking the string as html_safe:
<%= @string.html_safe %>
However: Please bear in mind that if this input comes from untrusted users (i.e. anyone other than you!), then this could be a risky strategy, as it will allow cross site scripting attacks. Make sure you read the rails security guide for more information on this risk and how to effectively mitigate it.
Sounds like you need to use the raw helper, if your code looks like this:
@your_bit_of_html = '<a href="www.google.com"> Click here!! </a>'
Then your view ERB should look like this:
<%= raw @your_bit_of_html %>
And, now that you've included a sample of your ERB:
<div class="description">
<%= raw p.description %>
<div>
Using raw assumes that you have properly encoded and cleansed any HTML that you're going to output so you'll need to exercise due caution.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论