I have some translations i开发者_JAVA技巧n my Rails application (config/locale/[en|de].yml) and I use it in my views with <%=t "teasers.welcome" %>
. Example:
teasers:
welcome: "<strong>Welcome</strong> to the Website ..."
In Rails 2.3.8 this works just fine, with Rails 3, the HTML is escaped and translated to <
... How can I prevent this form this translation and use HTML in my translation files like in Rails 2.3.8?
Other than using raw
, there's an other undocumented (but official) way to do so.
All keys ending with _html
are automatically rendered unescaped.
Rename the key from
teasers:
welcome: "<strong>Welcome</strong> to the Website ..."
to
teasers:
welcome_html: "<strong>Welcome</strong> to the Website ..."
I suppose it's because doing
<%= t("blah") %>
in rails 2.x, now is the equivalent of doing
<%=h t("blah") %>
when you're using rails 3.
From the release notes:
Switch to on-by-default XSS escaping for rails.
To fix this, and once again from the release notes:
You no longer need to call h(string) to escape HTML output, it is on by default in all view templates. If you want the unescaped string, call raw(string).
So just replace
<%= t("blah") %>
by
<%= raw t("blah") %>
精彩评论