Rails 4 Notes: Difference between revisions
Jump to navigation
Jump to search
| Line 34: | Line 34: | ||
<pre> | <pre> | ||
<%= stylesheet_link_tag "application" %> | <%= stylesheet_link_tag "application" %> | ||
</pre> | |||
=== view helpers === | |||
View helper functions that return raw html need to add an <code>html_safe</code> to their output. For example: | |||
<pre> | |||
def blank | |||
return " " | |||
end | |||
</pre> | |||
becomes | |||
<pre> | |||
def blank | |||
return " ".html_safe | |||
end | |||
</pre> | </pre> | ||
Revision as of 22:41, 24 July 2014
Lessons that I've learned before
<%= form_for ... %>instead of<% form_for ... %>- Chrome won't let you POST a form to local test instance, only GET. Firefox is OK.
New lessons
Routes
Routes need to be explicit (like a white list) to enhance security.
get 'tasks' => 'task#index' get 'chart/:server/:type' => 'stat#chart' get 'tasks/download_request' => 'task#download_request' post 'tasks/download_request' => 'task#download_request'
Can also use resources.
Strong parameters
Makes Action Controller parameters forbidden to be used in Active Model mass assignment until they have been whitelisted. http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html
jQuery
rails generate jquery:install
asset pipeline
add this to get javascript:
<%= javascript_include_tag "application" %>
add this to get css:
<%= stylesheet_link_tag "application" %>
view helpers
View helper functions that return raw html need to add an html_safe to their output. For example:
def blank
return " "
end
becomes
def blank
return " ".html_safe
end