Notes posted by ville

February 17, 2009
2 thanks

Remember to sanitize name

While useful when in need of richer markup inside a link, the name parameter isn’t sanitized or escaped and thus should be escaped when its content can’t be guaranteed to be safe.


link_to(url, url)

may cause problems with character entities if url contains ampersands.

Correct usage
link_to(h(url), url)

This applies to all dynamic content.
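The difference between the two calls above, as an added example that is not part of the original note or of Rails itself. `link_to_like` is a hypothetical stand-in that assumes the name is inserted into the link unescaped, as the note describes; `rich_name` and the sample inputs are constructed for illustration.

```ruby
require "erb"

# h() as used in the note: HTML-escapes &, <, > and quotes.
def h(text)
  ERB::Util.html_escape(text.to_s)
end

# Hypothetical stand-in for the behaviour the note describes (an assumption,
# not Rails code): the href is escaped, the name is inserted as-is.
def link_to_like(name, url)
  %(<a href="#{h(url)}">#{name}</a>)
end

# Richer markup inside a link: the markup is written by the developer,
# only the dynamic label is escaped.
def rich_name(label)
  "<strong>#{h(label)}</strong>"
end

# Constructed sample inputs.
AMP_URL    = "http://example.com/search?q=rails&page=2"
MARKUP_URL = "http://example.com/?x=<script>alert(1)</script>"

# Renders each case so the raw and escaped link bodies can be compared.
def rendered_cases
  {
    raw_ampersand:     link_to_like(AMP_URL, AMP_URL),
    escaped_ampersand: link_to_like(h(AMP_URL), AMP_URL),
    raw_markup:        link_to_like(MARKUP_URL, MARKUP_URL),
    escaped_markup:    link_to_like(h(MARKUP_URL), MARKUP_URL),
    rich_link:         link_to_like(rich_name("Q&A <docs>"), AMP_URL)
  }
end

if __FILE__ == $0
  rendered_cases.each { |label, html| puts "#{label}: #{html}" }
end
```
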

January 20, 2009 - (>= v2.2.1)
5 thanks

Reloading memoized values

Memoize is used to cache the result of a method. It’s roughly equivalent to having:

def memoized_method(*args)
  @result ||= {} # cache, keyed by the argument list
  @result[args] ||= (
    # do calculation here
  )
end

However, the result is cached so that it’s not calculated for every request.

To recalculate cached value use either