We've moved discussions to Discord

Question about Jumpstart disable_with helper

Brad McIntyre
Hey! Hoping to get a quick review of this idea. The current Jumpstart disable_with helper (for adding a spinner) looks like this:

def disable_with(text)
  "<i class=\"far fa-spinner-third fa-spin\"></i> #{text}".html_safe
end

I have a situation where the text argument will be user generated content. Would it be enough to simply use h/html_escape with the text to make this safe? Something like: ...#{ h(text) }".html_safe
Or any other recommended approaches for something like this?
Brad McIntyre
Hey! Hoping to get a quick review of this idea. The current Jumpstart disable_with helper (for adding a spinner) looks like this:

def disable_with(text)
  "<i class=\"far fa-spinner-third fa-spin\"></i> #{text}".html_safe
end

I have a situation where the text argument will be user generated content. Would it be enough to simply use h/html_escape with the text to make this safe? Something like: ...#{ h(text) }".html_safe
Or any other recommended approaches for something like this?
Notifications
You’re not receiving notifications from this thread.
© 2022 Jumpstart Pro by GoRails, LLC