Read more

Don't call gsub on safe strings

Henning Koch
October 17, 2011Software engineer at makandra GmbH

Calling #gsub on a string that was previously marked as #html_safe will lead to unexpected behavior. E. g. backreferences to captured groups ($1, $2) will be nil even if the group was matched.

Illustration money motivation

Opscomplete powered by makandra brand

Save money by migrating from AWS to our fully managed hosting in Germany.

  • Trusted by over 100 customers
  • Ready to use with Ruby, Node.js, PHP
  • Proactive management by operations experts
Read more Show archive.org snapshot

There is no universal workaround available since you can't expect #html_safe strings Show archive.org snapshot to still be safe after using gsub on them.

You can, however, fix the $1 gsub behavior on html_safe strings.

Posted by Henning Koch to makandra dev (2011-10-17 15:46)