Test Your Knowledge

Quiz

  1. What is the difference between <% and <%=?

  2. How much logic should you put in your ERb files?

  3. How does Rails know what controller goes with what view, if you don’t tell it?

  4. Which methods should you use to protect yourself against potential insertions of unwanted HTML?

Answers

  1. When you use <%=, Rails will insert the return value of the code you’ve used into the document. If you use <%, nothing will be added to the document.

  2. In general, you should put as little logic into your ERb files as possible. You may need to put some logic there to make sure that users get the right presentation of the information you’re sharing, or to build an interface for them to work with it. However, you should avoid putting much else there.

  3. Rails maps controllers to views through naming conventions, unless your code specifies otherwise.

  4. The h method and the sanitize method will remove most potentially dangerous markup.
