When outputting dynamic code to template files, it is important to ensure that the code is safe for output and will not break the HTML or create Cross-Site Scripting (XSS) vulnerabilities. Learn to create a custom helper method to escape content before ou
- [Instructor] In this movie, we're going to learn…why it's important to escape dynamic content…before you output it to your HTML page…and then we'll learn to write a custom helper…to help us with that.…We want to always escape any dynamic content…before we drop it onto our HTML page…and the reason why is because that dynamic content…may not be safe to just drop on the HTML as it is.…That's especially true if that content originated…with a user at some point.…We can't trust that that content doesn't contain…malicious code in it.…
- Installing Sinatra
- Launching the server
- Defining routes
- Using route patterns and parameters
- Redirecting requests
- Rendering dynamic templates
- Using partial templates and layouts
- Defining custom helpers
Skill Level Intermediate
Ruby on Rails 5 Essential Trainingwith Kevin Skoglund10h 21m Beginner
Ruby on Rails: Get More From ActiveRecordwith Kevin Skoglund4h 27m Intermediate
3. Helpers and Filters
4. Useful Techniques
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.