Home/ Questions/Q 8312963
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T20:20:07+00:00

I am using the rails 3.2.5 ActionMailer to send plain text mails. Given I

  • 0

I am using the rails 3.2.5 ActionMailer to send plain text mails. Given I have a mail view like this:

message_from_user.text.erb:

Hi <%= @recipient.name %>,

You got the following message from <%= @sender.name %>:

<%= @message %>

When @message is "quotes & ampersands", then the plain text mail contains &quot;quotes &amp; ampersands&quot;. So it seems like rails just treats this as a HTML view and escapes any html in order to prevent cross site scripting. However this is a plain text mail. The extension is .text.erb and ActionMailer detectes this and sets the MIME to text/plain. So I never want to escape any html in it.

I have quite a few mail templates in my application, they are all plain text. I would consider patching all of them to include <%=raw @message%> or <%= @message.html_safe %> bad style – not very DRY.

I tried varios work-arounds that included money patching Erubis. None of them seem to work. I am looking for some patch or config option or anything to disable escaping html for all .text.erb files.

Any help is greatly appreciated!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    After some hours of debugging through the Erubis code, I found the following fix. You can just put it into config/initializers/fix_my_mails.rb. I’ve tested this with rails 3.2.7. It may work with other versions.

    module ActionView
  class Template
    module Handlers
      class ERB
        def call(template)
          if template.source.encoding_aware?
            # First, convert to BINARY, so in case the encoding is
            # wrong, we can still find an encoding tag
            # (<%# encoding %>) inside the String using a regular
            # expression
            template_source = template.source.dup.force_encoding("BINARY")

            erb = template_source.gsub(ENCODING_TAG, '')
            encoding = $2

            erb.force_encoding valid_encoding(template.source.dup, encoding)

            # Always make sure we return a String in the default_internal
            erb.encode!
          else
            erb = template.source.dup
          end

          self.class.erb_implementation.new(
            erb,
            :trim => (self.class.erb_trim_mode == "-"),
            :escape => template.identifier =~ /\.text/ # only escape HTML templates
          ).src
        end
      end
    end
  end
end

    It just disables HTML entities in every erb file containing .text in the file name.

    • 0