html_safe

Work In Progress

You can declare that a string (ActionView::OutputBuffer) is HTML safe with:

view.html_safe

Basically it does this:

require 'cgi'

if string.html_safe?
  string                  # flagged as safe: returned unchanged
else
  CGI.escapeHTML(string)  # not flagged: escaped before output
end

So when you mark something as html_safe, it is returned as is, without any escaping. Hence it is dangerous if the string contains user input.
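
The behaviour described above, as an added example (not Rails' own code and not from the original page). `SafeString`, `mark_html_safe` and `render_value` are hypothetical stand-ins for the safe flag, `html_safe` and the render-time check, and the comment string is constructed sample input.

```ruby
require "cgi"

# Hypothetical stand-in for a string carrying the "HTML safe" flag.
class SafeString < String
  def html_safe?
    true
  end
end

# Stand-in for html_safe: it only sets the flag and escapes nothing.
def mark_html_safe(string)
  SafeString.new(string)
end

# The render-time decision: flagged strings pass through, others are escaped.
def render_value(string)
  if string.respond_to?(:html_safe?) && string.html_safe?
    string
  else
    CGI.escapeHTML(string)
  end
end

# Constructed sample standing in for a user-submitted comment.
USER_COMMENT = "<script>alert(1)</script>"

# Weak: the whole string, user input included, is flagged safe,
# so the markup in the comment reaches the page unescaped.
def comment_html_weak(comment)
  render_value(mark_html_safe("<p>#{comment}</p>"))
end

# Corrected: escape the user input first, then flag only the result,
# whose remaining raw markup is the fixed <p> wrapper.
def comment_html_fixed(comment)
  render_value(mark_html_safe("<p>#{CGI.escapeHTML(comment)}</p>"))
end

if __FILE__ == $PROGRAM_NAME
  puts comment_html_weak(USER_COMMENT)
  puts comment_html_fixed(USER_COMMENT)
end
```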