How to escape while rendering a js.coffee file in response to an action

∥☆過路亽.° posted on 2020-01-17 00:41:32

Question


I have a controller action that responds with a .js.coffee file, which is supposed to be supported in my version of Rails 3.2.12. The problem is that something in the parsing is allowing user-provided data to cause the JavaScript to fail. I've simplified the example like this:

action.js.coffee file:

$('my_container').append("<%= j render(:partial => 'my_partial') %>")

my_partial.html.erb file contains just one line that should NOT be interpolated:

"#{this should not be evaluated}"

The JavaScript that actually gets rendered:

$('my_container').append("\"" + (this(should(!be(evaluated)))) + "\"\n\n");

Whoa! What is going on? I can fix the problem by dropping the .coffee off of the filename, but this seems like a bug with Rails?


Answer 1:


I solved the problem by changing the double quotes in the js.coffee file, but I'm still not sure it's a bug. Hopefully this will help someone else!

Changed:

$('my_container').append("<%= j render(:partial => 'my_partial') %>")

to

$('my_container').append('<%= j render(:partial => 'my_partial') %>')
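Added example, not part of the original question or answer: ERB renders the template first and CoffeeScript compiles the result afterwards, and `j` escapes quotes, backslashes and newlines but leaves `#` alone, so a `#{...}` in rendered data is compiled as an expression inside a double-quoted CoffeeScript literal. The sketch below is plain Ruby; `js_escape` is a simplified stand-in for Rails' `escape_javascript`, and `coffee_escape`, `interpolations` and `rendered` are hypothetical helper names.

```ruby
# Added example, plain Ruby (no Rails). js_escape is a simplified stand-in for
# Rails' escape_javascript (`j`); coffee_escape and interpolations are hypothetical.
JS_ESCAPE_MAP = { '\\' => '\\\\', '</' => '<\/', "\r\n" => '\n', "\n" => '\n',
                  "\r" => '\n', '"' => '\\"', "'" => "\\'" }.freeze

def js_escape(text)
  text.to_s.gsub(/(\\|<\/|\r\n|[\n\r"'])/) { |m| JS_ESCAPE_MAP[m] }
end

# Also backslash-escape '#': CoffeeScript skips the character after a backslash
# when it looks for "#{" inside a double-quoted string.
def coffee_escape(text)
  js_escape(text).gsub('#') { '\\#' }
end

# Unescaped "#{...}" spans inside double-quoted literals of rendered CoffeeScript.
# Simplified scanner: no nested braces, no block strings.
def interpolations(src)
  found = []
  quote = nil
  i = 0
  while i < src.length
    ch = src[i]
    if quote && ch == '\\'
      i += 1                                   # skip the escaped character
    elsif quote.nil? && ['"', "'"].include?(ch)
      quote = ch
    elsif ch == quote
      quote = nil
    elsif quote == '"' && src[i, 2] == '#{'
      close = src.index('}', i) || src.length - 1
      found << src[i..close]
      i = close
    end
    i += 1
  end
  found
end

PARTIAL = %q("#{this should not be evaluated}") + "\n"   # partial from the question
DOUBLE  = %q[$('my_container').append("%s")]              # original template shape
SINGLE  = %q[$('my_container').append('%s')]              # template shape after the fix

def rendered(template, escaped)
  template.sub('%s') { escaped }
end

puts interpolations(rendered(DOUBLE, js_escape(PARTIAL))).inspect
puts interpolations(rendered(SINGLE, js_escape(PARTIAL))).inspect
puts interpolations(rendered(DOUBLE, coffee_escape(PARTIAL))).inspect
```

Only the first line printed is non-empty: the double-quoted template with `j`-style escaping still carries a live interpolation, while the single-quoted template and the `#`-escaping helper do not.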



Source: https://stackoverflow.com/questions/17955246/how-to-escape-while-rendering-a-js-coffee-file-in-response-to-an-action
