Rails 3 XSS Escaping Breaks Plugins
Is there a relatively easy solution to Rails 3 auto escaping to not break view-oriented plugins? I'm using table_builder which has an api along the lines of:
<%= calendar_for(args) do |table| %> ... <% end %>
Unfortunately, rails goes through and escapes all the html generated from that plugin. Is there an easy way to avoid this behavior that doesn't involve me hacking on the plugin itself? I can't really wrap it in a raw() from what I know because its an erb block.
take care which fork you put in your gemfile, this one works with rails3 as a gem like demonstrated in the railscast: http://railscasts.com/episodes/213-calendars
use this in your gemfile
gem 'table_builder', '0.0.3', :git => 'git://github.com/jchunky/table_builder.git'