Haml v2.2.9 Release Notes

  • Tagged on GitHub.

    • 🛠 Fixed a bug where Haml's text was concatenated to the wrong buffer under certain circumstances. This was mostly an issue under Rails when using methods like capture.

    • 🛠 Fixed a bug where template text was escaped when there was interpolation in a line and the :escape_html option was enabled. Only the interpolated values should be escaped; the literal text around them is part of the template itself, not untrusted data. For example:

      Foo < Bar #{"<"} Baz

    with :escape_html used to render as

      Foo &lt; Bar &lt; Baz

    but now renders as

      Foo < Bar &lt; Baz

    🚅 Rails XSS Protection

    🚅 Haml 2.2.9 supports the XSS protection in Rails versions 2.3.5+. There are several components to this:

    • If XSS protection is enabled, Haml's {file:HAML_REFERENCE.md#escape_html-option :escape_html} option is set to true by default.

    • Strings declared as HTML safe won't be escaped by Haml. This also holds for the explicit escaping paths, the {file:Haml/Helpers.html#html_escape-instance_method #html_escape} helper and the &= operator, which are what you use to escape output when :escape_html has been disabled.

    • Haml helpers that generate HTML are marked as HTML safe, and will escape their input if it's not HTML safe.
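As an added illustration (not Haml's own code, and not using the haml gem), the Ruby below sketches both points made on this page: the per-segment escaping of an interpolated line that the 2.2.9 fix restores, contrasted with the old whole-line escaping, and the HTML-safe marker that Rails XSS protection relies on so that helper output passes through unescaped while untrusted interpolated values are still escaped. `SafeString`, `tag`, `render_line`, `render_line_buggy`, `make_binding` and the `#{...}` scanner are assumptions made for this example; they stand in for ActiveSupport::SafeBuffer, Haml's helpers and Haml's compiler.

```ruby
require 'cgi'

# Stand-in for Rails' ActiveSupport::SafeBuffer (String#html_safe).  Assumption for
# this example: a real app uses ActiveSupport; this subclass only carries the flag.
class SafeString < String
  def html_safe?
    true
  end
end

def marked_safe?(value)
  value.respond_to?(:html_safe?) && value.html_safe?
end

# Escape unless the value is already declared HTML safe, which is how the notes say
# Haml's html_escape helper and &= behave under Rails XSS protection.
def html_escape(value)
  marked_safe?(value) ? value.to_s : CGI.escapeHTML(value.to_s)
end

# Hypothetical helper that generates HTML: it escapes its (possibly untrusted)
# content and marks the result safe, so it is not escaped again when interpolated.
def tag(name, content)
  SafeString.new("<#{name}>#{html_escape(content)}</#{name}>")
end

# Split one template line into literal text and #{...} interpolation segments,
# e.g. [[:text, "Foo < Bar "], [:interp, '"<"'], [:text, " Baz"]].  Braces inside
# the interpolation are tracked so nested {} does not end it early.
def split_interpolation(line)
  segments = []
  rest = line
  until rest.empty?
    open = rest.index('#{')
    if open.nil?
      segments << [:text, rest]
      break
    end
    segments << [:text, rest[0...open]] if open > 0
    depth = 0
    close = nil
    ((open + 2)...rest.length).each do |i|
      case rest[i]
      when '{' then depth += 1
      when '}'
        if depth.zero?
          close = i
          break
        end
        depth -= 1
      end
    end
    raise ArgumentError, "unterminated interpolation in #{line.inspect}" if close.nil?
    segments << [:interp, rest[(open + 2)...close]]
    rest = rest[(close + 1)..-1]
  end
  segments
end

# Binding carrying the locals a template line may reference (constructed input).
def make_binding(locals = {})
  scope = binding
  locals.each { |name, value| scope.local_variable_set(name, value) }
  scope
end

# Fixed behaviour (2.2.9): literal template text passes through untouched; only the
# value of each #{...} is escaped, and only if it is not already HTML safe.
def render_line(line, escape_html: true, scope: make_binding)
  split_interpolation(line).map do |kind, src|
    next src if kind == :text
    value = eval(src, scope)
    escape_html ? html_escape(value) : value.to_s
  end.join
end

# Pre-2.2.9 behaviour: the whole line was escaped after interpolation, so the
# template author's own markup was mangled along with the interpolated value.
def render_line_buggy(line, scope: make_binding)
  raw = split_interpolation(line).map { |kind, src| kind == :text ? src : eval(src, scope).to_s }.join
  CGI.escapeHTML(raw)
end

# The line from the release note (single-quoted so #{} stays literal).
LINE = 'Foo < Bar #{"<"} Baz'

if __FILE__ == $PROGRAM_NAME
  puts render_line_buggy(LINE)                # Foo &lt; Bar &lt; Baz   (old)
  puts render_line(LINE)                      # Foo < Bar &lt; Baz      (fixed)
  puts render_line(LINE, escape_html: false)  # Foo < Bar < Baz
  # Constructed untrusted input is escaped; helper output marked safe is not.
  scope = make_binding(name: '<script>alert(1)</script>')
  puts render_line('Hello #{name}', scope: scope)
  puts render_line('Hello #{tag(:b, name)}', scope: scope)
end
```

The design point is where the escaping decision is made: on each interpolated value as it is produced, with the safe flag consulted there, rather than on the assembled line. Escaping the assembled line is what produced the old `Foo &lt; Bar &lt; Baz`, and it also cannot tell helper output from user data, which is why a safe-string marker has to travel with the value.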