Notes posted by ville
ville -
February 17, 2009
2 thanks
Remember to sanitize name
While useful when in need of richer markup inside a link, the name parameter isn’t sanitized or escaped and thus should be escaped when its content can’t be guaranteed to be safe.
E.g.
link_to(url, url)
may cause problems with character entities if url contains ampersands.
Correct usage
link_to(h(url), url)
This applies to all dynamic content.
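The escaping rule from the note above, as an added Ruby example that is not part of the original note or of Rails itself. `link_to_sketch` and `needs_escaping?` are hypothetical helpers, `h` is backed by the standard library's `ERB::Util.html_escape`, the sample values are constructed, and the sketch assumes the helper escapes the href attribute but inserts the name as given.

```ruby
require 'erb'

# h() as available in Rails views; here backed by the standard library.
def h(text)
  ERB::Util.html_escape(text.to_s)
end

# Hypothetical stand-in for the helper behaviour described in the note
# (assumption: the href attribute is escaped, the name is inserted as-is).
def link_to_sketch(name, url)
  %(<a href="#{h(url)}">#{name}</a>)
end

# True when text still contains raw markup characters or a bare ampersand,
# i.e. an "&" that does not start a character reference such as &amp; or &#38;.
def needs_escaping?(text)
  !!(text =~ /[<>]|&(?!(?:[a-zA-Z][a-zA-Z0-9]*|#\d+|#x\h+);)/)
end

# Constructed sample values standing in for dynamic content.
AMP_URL   = 'http://example.com/search?q=rails&lang=en'
USER_NAME = '<script>alert(1)</script>'

[AMP_URL, USER_NAME].each do |name|
  puts "name passed through: #{link_to_sketch(name, AMP_URL)}"
  puts "name escaped by h(): #{link_to_sketch(h(name), AMP_URL)}"
  puts "raw name needs escaping? #{needs_escaping?(name)}, " \
       "after h(): #{needs_escaping?(h(name))}"
end
```

With the raw name, the ampersand and the tag reach the page unchanged; with `h(name)` they arrive as `&amp;`, `&lt;` and `&gt;`, so the browser renders them as text.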
ville -
January 20, 2009 - (>= v2.2.1)
5 thanks
Reloading memoized values
Memoize is used to cache the result of a method. It’s roughly equivalent to having:
def memoized_method(*args)
  @result ||= {}   # cache keyed by the argument list
  @result[args] ||= (
    # do calculation here
  )
end
However, the result is cached so that it’s not calculated for every request.
To recalculate the cached value, use either
obj.memoized_method(:reload)
or
obj.memoized_method(true)