>>> The 10 minute video is really impressive. But after browsing through  
>>> the documentation I haven't found an answer to one question: what  
>>> does happen with XML special chars like <> when you write <%=  
>>> @post.text %>?
>> I'm not sure I understand the question, but everything within a <% %>  
>> block is interpreted as regular Ruby code through ERb
>
> Sorry that it wasn't clear, I wanted to know what happened when  
> @post.text contains characters like ">" or "&". (How) are they  
> converted to entities?

Ahh. Rails offers no built-in method for that, but perhaps it should in  
the TextHelper[1]. You can, however, just use CGI.escapeHTML[2] like  
this:

<%= CGI.escapeHTML(@post.text) %>

[1] http://ap.rubyonrails.org/classes/ActionView/Helpers/TextHelper.html
[2] http://www.ruby-doc.org/stdlib/libdoc/cgi/rdoc/classes/CGI.html#M000003
--
David Heinemeier Hansson,
http://www.rubyonrails.org/  -- Web-application framework for Ruby
http://www.instiki.org/      -- A No-Step-Three Wiki in Ruby
http://www.basecamphq.com/   -- Web-based Project Management
http://www.loudthinking.com/ -- Broadcasting Brain
http://www.nextangle.com/    -- Development & Consulting Services
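
Added example, not part of the original message or of Rails: it renders the same ERB expression with and without CGI.escapeHTML to show what reaches the browser when @post.text contains "<", ">" or "&", and what happens if already-escaped text is escaped a second time. The Post struct, the View class, the two templates and the sample text are constructed for illustration.

```ruby
require 'cgi/escape' # supplies CGI.escapeHTML, the call used in the reply above
require 'erb'

# Constructed stand-in for the model object in the thread (assumption).
Post = Struct.new(:text)

# Minimal view object: templates see @post the way a Rails view would.
class View
  def initialize(post)
    @post = post
  end

  # Evaluate an ERB template string against this object's instance variables.
  def render(template)
    ERB.new(template).result(binding)
  end
end

# Plain <%= %> inserts the string byte for byte; nothing is converted.
RAW_TEMPLATE     = '<p><%= @post.text %></p>'
# Wrapping the value in CGI.escapeHTML turns markup characters into entities.
ESCAPED_TEMPLATE = '<p><%= CGI.escapeHTML(@post.text) %></p>'

# Render the same text through both templates for side-by-side comparison.
def render_both(text)
  view = View.new(Post.new(text))
  { raw: view.render(RAW_TEMPLATE), escaped: view.render(ESCAPED_TEMPLATE) }
end

# Escaping twice corrupts the displayed text: "&" -> "&amp;" -> "&amp;amp;".
# Escape once, at output time, and store the original text unescaped.
def double_escaped(text)
  CGI.escapeHTML(CGI.escapeHTML(text))
end

if __FILE__ == $PROGRAM_NAME
  out = render_both('1 < 2 & 3 > 2 <b>bold</b>') # constructed sample text
  puts out[:raw]      # the <b> element is live markup in the page
  puts out[:escaped]  # the same characters arrive as inert text
  puts double_escaped('a & b')
end
```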