# Session routes, all scoped to the sessions controller.
controller :sessions do
# Logout matches only the DELETE verb and dispatches to the destroy action, so a
# plain GET (a followed link, an image tag, a prefetch) does not match this route.
# :as => :logout gives the route its name.
match 'logout', :via => :delete, :to => :destroy, :as => :logout
# One 'login' path with a separate action per verb.
match 'login' do
# GET goes to the new action and carries the route name :login.
get :new, :as => :login
# POST on the same path goes to the create action.
# NOTE(review): presumably this is where credentials are submitted, which keeps
# them in the request body rather than the URL -- confirm against the controller.
post :create
end
end
# Project routes in the `map` block style; `map` comes from an enclosing block
# that is not part of this listing. Projects are served by the 'project' controller.
# NOTE(review): this looks like the earlier syntax, shown for comparison with the
# nested `resources` form that follows -- confirm against the original slides.
map.resources :projects, :controller => 'project' do |projects|
projects.resources :attachments
# Adds a collection-level update_all route that answers to PUT.
projects.resources :participants, :collection => { :update_all => :put }
# Companies nest a people collection and a single avatar.
projects.resources :companies, :has_many => :people, :has_one => :avatar
end
# Nested-block form of the participants and companies routes.
# NOTE(review): the enclosing `resources :projects ... do` line appears to be
# missing from this listing; the unmatched `end` that follows this block
# presumably closes it.
resources :participants do
# update_all is declared on the collection and restricted to the PUT verb.
# NOTE(review): a bulk update route deserves its own authorization check in the
# controller; nothing in the routing layer provides one.
put :update_all, :on => :collection
end
resources :companies do
resources :people
# Singular resource: a single avatar under each company.
resource :avatar
end
end
XSS protection
<%# Sample value of comment.body (presumably user-supplied text): %>
<%# => "I've hacked you good! <script>" %>
<%# Under the "XSS protection" behaviour this slide describes, the output tag below is expected to HTML-escape the value, so the script tag is rendered as text instead of being executed. %>
<%# NOTE(review): confirm output escaping is on by default in the Rails version in use, and do not wrap values like this one in raw or html_safe. %>
<%= comment.body %>
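# Wraps +text+ in a <div> and appends a line break, returning markup that the
# view should not escape a second time.
#
# Only the literal "<br/>" is marked html_safe. The previous version called
# html_safe! on the whole concatenation, which declared everything in the
# result trusted, including whatever +text+ contributed. Marking just the
# constant markup keeps the trust decision limited to a string written by the
# developer. If content_tag's result is not itself safe, the concatenation stays
# unsafe and is escaped on output, so the helper fails closed.
#
# NOTE(review): this relies on content_tag escaping its content argument --
# confirm that for the Rails version in use before passing user input here.
# html_safe (no bang) is used because html_safe! was removed from Rails.
#
# @param text [String] content for the <div>; treated as untrusted
# @return [String] the <div> followed by "<br/>"
def needs_to_be_marked_safe_helper(text)
  content_tag(:div, text) + "<br/>".html_safe
end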
JavaScript goes
unobtrusive & agnostic
<%# Helper-specific form: link_to_remote. NOTE(review): presumably the "before" example, replaced by the link_to call that follows. %>
<%= link_to_remote "Delete", :url => @comment, :method => :delete %>
<%# Unobtrusive form: an ordinary link_to with :remote => true; the DELETE request is issued by the page's JavaScript driver, not by inline script. %>
<%# NOTE(review): because JavaScript sends the DELETE, the layout has to expose the CSRF token to it (csrf_meta_tag), and the destroy action still needs its own server-side authorization check. %>
<%= link_to "Delete", @comment, :remote => true, :method => :delete %>