What is the difference between
How much logic should you put in your ERb files?
How does Rails know what controller goes with what view, if you don’t tell it?
Which methods should you use to protect yourself against potential insertions of unwanted HTML?
When you use <%=, Rails will insert the return value of the code you’ve used into the document. If you use <%, nothing will be added to the document.
In general, you should put as little logic into your ERb files as possible. You may need to put some logic there to make sure that users get the right presentation of the information you’re sharing, or to build an interface for them to work with it. However, you should avoid putting much else there.
Rails maps controllers to views through naming conventions, unless your code specifies otherwise.
The h method and the sanitize method will remove most potentially dangerous markup.