Fix example in README (security) (#33)

schmijos · web-flow · commit 45cf1c07b030 · 2025-09-16T15:06:50.000+02:00
HTML needs to be escaped. We should not suggest `html_safe`.
diff --git a/README.md b/README.md
@@ -210,15 +210,15 @@ This configuration will give you some nice views, and searches to work with the
           params = bindings[:object].path.split("?").second
           if params.present?
             params = CGI.parse(params)
-            "<pre>#{JSON.pretty_generate(params)}</pre>".html_safe
+            bindings[:view].tag.pre JSON.pretty_generate(params)
           end
         end
       end
       field(:request_body) do
-        formatted_value { "<pre>#{JSON.pretty_generate(bindings[:object].request_body)}</pre>".html_safe }
+        formatted_value { bindings[:view].tag.pre JSON.pretty_generate(bindings[:object].request_body) }
       end
       field(:response_body) do
-        formatted_value { "<pre>#{JSON.pretty_generate(bindings[:object].response_body)}</pre>".html_safe }
+        formatted_value { bindings[:view].tag.pre JSON.pretty_generate(bindings[:object].response_body) }
       end
     end
   end
