Rails HTML safe strings

[samrjenkins]

Thank you so much for your work on this project.

I am getting in touch because the HTML/XML strings returned by the renderers present an issue when it comes to HTML safety.

Currently we solve this in our project by calling #html_safe on the strings returned by the renderers. However, calling #html_safe irks me slightly and I would prefer to avoid it.

Is there a possible solution you could implement in this gem? I would understand if you didn't wish to implement Rails-specific functionality though.

Would you have any other suggestions (possibly from how you use this gem in your own Rails projects) for elegantly handling HTML safety?

I have attempted to extract the SVG path data from the SVG string produced by as_svg and to then construct an HTML safe string using Rails tag helpers. This quickly became quite messy!

I would be interested to hear your thoughts.

[whomwah]

Hi Sam, Thanks for the question. I guess my initial answer would be if you are worried about the safety of the markup returned, could you not just use the 'as_png' renderer and not return any markup?

It's not something I'd plan to add to the lib I'm afraid. I guess if I were using the lib and it was something important to me, I'd probably create a 'safe_qrcode' helper function to call.

Dunc

[samrjenkins]

Thanks for your thoughts