Escape attribute value / prevent html sanitization in Haml - haml

Here is my Haml:
%a{:href => "/settings", "data-icon" => "⚙"}
Which outputs:
<a data-icon='&#9881;' href='/settings'>Settings</a>
I want to output:
<a data-icon='⚙' href='/settings'>Settings</a>
So I've tried escaping the ampersand:
%a{:href => "/settings", "data-icon" => "\⚙"}
But it seems escapes only work for the first character of a line.
I've also tried different methods of interpolation/escaping with no success:
"#{"⚙"}"
Using plain html (Settings) is a stopgap measure that I do not consider a solution. What if I want to set the data-icon programatically?
Another option is:
%a{:href => "#", "data-icon" => "⚙"} Settings
But what if I want to use PUA characters? It also makes it a lot harder to tell what the character is in the markup.
Demo

You need to set the escape_attrs option to false or :once.
$ haml --no-escape-attrs
%a{:href => "/settings", "data-icon" => "⚙"}
output:
<a data-icon='⚙' href='/settings'></a>
--no-escape-attrs sets the escape_attrs option to false from the command line. See the docs for info on how to set options in other cases.
(It doesn’t look like codepen.io lets you specify Haml options, so I can’t provide a demo there).

Related

How to fill an attribute with haml-generated DOM?

Is there a way to render some haml-generated DOM into an element's attribute? A concrete usage example would be a bootstrap tooltip which allows html in its "title"-attribute.
I have tried to define a local variable but this syntax does not work:
!!! 5
%body
- tooltipDom =
%i Some
%strong very complex
%i DOM
%a{:"data-html" => "true", :title => tooltipDom, :"data-toggle" => "tooltip"}
What would be working syntax to get this html into the variable? Or is there another way to achieve this, e.g. rendering a partial inside the attribute somehow?
Please do not just suggest to simply write pure HTML-markup into the attribute. That is clearly not what I am looking for.
Defining the desired Haml in a partial and rendering that into the variable will work fine and do the job:
!!! 5
%body
- tooltipDom = render partial: 'some_partial'
%a{:"data-html" => "true", :title => tooltipDom, :"data-toggle" => "tooltip"}

Yii URL Manager: problems in create an view url

in file config main.php:
'/view-details/<slug:[a-zA-Z0-9]+>' => array('product/details', 'urlSuffix' => '.html')
create url:
$this->createUrl('product/details', array('slug'=>'my-product-demo-with-id-123'));
result:
mydomain/view-details/my-product-demo-with-id-123.html
(done! perfect generate url)
but, when visit link, this is error: unsolved request view-details/my-product-demo-with-id-123.html
if remove all character "-" (mydomain/view-details/MyProductDemoWithID123.html), it's working, not error.
what is problems? somebody can help me?
The regular expression you're using will only match single words but your url has hyphens as well.
You need to have a rule that looks like this
'/view-details/<slug:[-\w]+>' => array('product/details', 'urlSuffix' => '.html')
I'm not sure (new at Yii!) but probably this can be related to a bad method in your Controller actionView().
Look if you have in your controller "View-details" a method similiar to "actionMyProductDemoWithID123()" and inside of this, you render that file.
Example: yourDomain/yourController/yourView
Class YourController{
actionYourView(){
$this->render('yourView');
}
}
In your case, you probably have something similar to this:
Class view-details{
actionMyProductDemoWithId123(){
$this->render('MyProductDemoWithID123');
}
}
If it's not, you can take a look at this post: http://www.yiiframework.com/wiki/404/hyphenation-of-routes-in-url-management/
You missed the "-" part of your regex so it won't match try
'/view-details/<slug:[a-zA-Z0-9\-]+>' => array('product/details', 'urlSuffix' => '.html')
In your regex you are allowing only alphanumeric values. Your have to allow "-" also as you are using in your parameter(slug).
Regex with Alphanumeric and -,_
'view-details/<slug:[a-zA-Z0-9-_]+>' => array('product/details','urlSuffix' => '.html'),

Haml ruby expression indentation

When it gives to ruby expression, like if statement, I don't know how to indent correctly.
%ul
%li foo
- if true
%li bar
The above code working, but the two %li doesn't aligned, which not elegant for me, become they are in the same level(I mean both are children of %ul)
Is there a more elegant way to do this?
Your best bet if you are concerned with formatting for readability is to escape haml with an erb: filter.
%ul
erb:
<li>foo</li>
<% if true %><li>bar</li><% end %>
Unfortunately in situations like this the indentations kinda make the code less readable, but bare in mind the view is not mean for a great amount a logic. As much as possible, you should use your controller and helpers to pull out logic from the view.
Ok - so here is what happens in my code when the case is 'a bit' more complicated than this one:
list.haml:
%ul
= render :partial => 'list_item', :locals => { value => 'foo', cond => true }
= render :partial => 'list_item', :locals => { value => 'bar', cond => false }
_list_item.haml:
- if cond
%li= value
but in a case as trivial as this I would probably not do it. Most cases tend to become less trivial eventually though.... The con with this approach is that you need to get to another file to see what actually happens. The pro is DRY.

URL parameter in the URL itself instead of after ? in Rails

I have the following line in the routes:
match 'area/:area_id/stores', :to => "stores_directory#index", :as => "stores_directory"
I have a form where I can select an area_id as:
<%= form_tag stores_directory_path, :method=>:get do %>
<select id="area_id" name="area_id">
....
</select>
This ads the area_id as a parameter after ?. So, my question is: How would I make it to add it in between area and stores?
I see one solution (not the best maybe, but also quite acceptable). It is possible to write your own middleware to handle this request, but this is the wrong way I believe (in this case).
Instead, use JS redirect
This could be written as a method (example using JQuery):
$('#area_id option').click(function() {
if (this.value) { // check value is not empty
document.location.href = Routes.stores_directory_path({area_id: this.value})
}
});
OR using options_for_select:
options = []
areas.each do |a|
options << [a.to_s, a.id, {:onclick => "document.location.href = Routes.stores_directory_path({area_id: #{a.id}})"}]
end
options_for_select(options)
Here I used js-routes gem for nice url's.
Hope this will be helpful.

Accessing content of textarea in Drupal-7-Theme-Form

in my custom theme-settings.php (zen-subtheme) i put following code to get a new textarea with textformat in my theme-settings:
<?php
function paper_form_system_theme_settings_alter(&$form, &$form_state) {
$form['paper_data'] = array(
'#type' => 'text_format',
'#title' => 'Put Text in here:',
'#rows' => 5,
'#resizable' => FALSE,
'#default_value' => 'xyz..',
'#format' => 'full_html'
);
}
the form is working perfektly, but when i want to access the variable by writing
<?php
$pdata = theme_get_setting('paper_data');
echo $pdata;
?>
in my page.tpl.php, the content of the variable is not rendered - instead the word "Array" is printed ...
What's wrong and why? (If i use 'textarea' as type instead of 'text_format', all is rendered well.)
You will understand when you use something like the Devel module's dpm() function to check the variable rather than echo(). Coding Drupal without the Devel module is, IMHO, folly.
The issue very likely stems from your use of the text_format type. As you can see, it saves both the textarea value as well as an associated text format. When this is used Drupal returns the data in structured form which varies depending on the type of format.
dpm() is your friend :)