method

html_safe

v4.2.7 - Show latest stable - Class: String

html_safe()

public

Marks a string as trusted safe. It will be inserted into HTML with no additional escaping performed. It is your responsibilty to ensure that the string contains no malicious content. This method is equivalent to the `raw` helper in views. It is recommended that you use `sanitize` instead of this method. It should never be called on user input.

# File activesupport/lib/active_support/core_ext/string/output_safety.rb, line 259
  def html_safe
    ActiveSupport::SafeBuffer.new(self)
  end

1Note

use raw() instead

ssoroka · Oct 20, 20107 thanks

Don't use this method unless you're sure your string isn't nil. Instead use the raw() method, which wont raise an exception on nil.

html_safe

1Note

use raw() instead

Related methods