Ensure simple_format escapes its html attributes

The previous behavior equated the sanitize option for simple_format with the
escape option of content_tag, however these are two distinct concepts.

This fixes CVE-2013-6416

Conflicts:
	actionview/lib/action_view/helpers/text_helper.rb

0 files changed, 0 insertions, 0 deletions