Interesting Things

• Using the result of render as an attribute: If you call render in a view, you’ll get back a SafeBuffer, which acts like a String but is trusted and allowed to contain HTML which will not be escaped when it’s placed on the page. If you use this value in a DOM attribute, however, it will be escaped:

  - template = render 'ajaxy_thing/template'
  %ul#ajaxy_things{template: template}
  

  If it weren’t escaped, the contents of template would probably break out of the ul tag early and mess things up.

  One pair tried to extract code like this into a helper, and then do something like:

  template = render('ajaxy_thing/template')
  content_tag(:ul, id: "ajaxy_things", template: template)
  

  Here, it turns out, template is so trusted that its contents are inserted without escaping, which breaks the ul tag. It becomes something like:

  

  which is clearly no good. (In fact, it’s so weird that I had to turn that snippet into an image just to get the blog to display it.)

  When you have a String which is untrusted and you don’t want it to be escaped, you call #html_safe on it. This is the opposite, and it’s not clear how best to do it. The pair decided to make a new String out of it, which worked:

  template = String.new(render('ajaxy_thing/template')) # The new String is not html_safe
  

• TeamCity 6.5 : TeamCity 6.5 is out, but it breaks RVM support. It will return in 6.5.1.

Events

• Girl Develop It will begin its 4-week June section on Javascript and jQuery on Thursday, June 9th. Girl Develop It is a series of programming classes designed to help women enter the software development world and change the ratio. There are still some spots left!