search

amagical-net / rails-latex

rails-latex is a renderer for rails which allows tex files with erb to be turned into an inline pdf
MIT License
141 stars 48 forks source link

Prevent HTML escaping when rendering a pdf #71

Open kalsan opened 1 year ago

kalsan commented 1 year ago

When rendering a .pdf.erb file to latex and the file contains non-html-safe parts, they get escaped in a way that would be suitable for HTML. However, we are generating LaTeX and not HTML, which means html_safe makes no sense in the first place (already the name says that).

This is a problem in the following example: 

<%= people.map{|person| "'#{person.label}'"}.join(', ') %>

Since the string produced by join is not html_safe, the generated String is &quot;Anna&quot;, &quot;Berta&quot;, which then causes LaTeX to crash because the & sign is not permitted.

The alterantive would be to use safe_join and raw instead:

<%= safe_join people.map{|person| raw "'#{person.label}'"}, ', ' %>

...or to tag the string as html_safe. However, it would be much more convenient, and also appropriate for the reasons described above, to skip HTML safety entirely when rendering LaTeX to PDF. Can this be achieved?

kalsan commented 1 year ago

Note: the problem with " and ' might actually be related to ERB escaping and not with html_safe: https://api.rubyonrails.org/classes/ERB/Util.html