Project description markup in gemspec gets html escaped on gemcutter

Dennis Theisen's Avatar

Dennis Theisen

24 Sep, 2010 07:19 PM

I'm not 100% sure if this is an error on the gemcutter side or if this feature is not supported by gemspec:

If you look at the project homepage here, you can see that the project description gets html escaped:
https://rubygems.org/gems/shopify_api

The content is taken from this file where it is stored in rdoc format:
http://github.com/Shopify/shopify_api/blob/master/shopify_api.gemspec

It converted the rdoc to HTML, but then when inserting the description it escaped everything.
I wonder if that might be a simple Rails 3 xss issue (use <%= raw %> instead) or if this is not supported.

Thanks for your help,
Dennis

  1. Support Staff 1 Posted by Nick Quaranto on 03 Oct, 2010 05:02 PM

    Nick Quaranto's Avatar

    I think we just need to do a better job of styling HTML via rdoc...we never really have. And unescape it. Adding an issue so I don't forget about this.

  2. 2 Posted by mikbe.tk on 24 Mar, 2011 06:22 AM

    mikbe.tk's Avatar

    I would very much like to have markdown available to use in my gem descriptions. As it is one of my gem descriptions looks like a hot mess. I could have sworn I saw someone with a very nicely formated description too... wish I could find it again so I could find out how they did it.

  3. Support Staff 3 Posted by Nick Quaranto on 24 Mar, 2011 01:53 PM

    Nick Quaranto's Avatar

    Which one? I really hate supporting this but I can't ask everyone to rerelease their gems.

  4. 4 Posted by mikbe.tk on 24 Mar, 2011 11:06 PM

    mikbe.tk's Avatar

    You mean which one of my gems right?

    Commandable:
    https://rubygems.org/gems/commandable

    I understand not wanting to force everyone to re-release their gems, I know I don't want to just to fix the bad formatting, but you wouldn't have to force them. Since there is no formatting to mess up currently it wouldn't hurt anything (famous last words) to just enable it. Then when people do republish they have the option of using markdown in their descriptions.

  5. 5 Posted by mikbe.tk on 13 May, 2011 09:01 PM

    mikbe.tk's Avatar

    With the recent 1.8.x I think it's a good time to go ahead and add markdown support. The whole, "Don't want to force everyone to re-release gems" thing is already in place with the deprecation warnings so...

  6. Support Staff 6 Posted by Eric Hodel on 14 May, 2011 12:45 AM

    Eric Hodel's Avatar

    No one will need to re-release gems to remove the deprecation warnings. When a gem containing the offending line is installed it will simply be ignored.

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac