aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGodfrey Chan <godfreykfc@gmail.com>2013-12-04 09:46:38 -0800
committerGodfrey Chan <godfreykfc@gmail.com>2013-12-04 09:46:38 -0800
commit0696547814057eaed3c13e70a6dc6b2b7bb3e1f9 (patch)
tree8a991d6e439e2e18404ac04e1023652dfd227bbf
parent2c564cdbdbe62c319e65abb3631b288f11878987 (diff)
downloadrails-0696547814057eaed3c13e70a6dc6b2b7bb3e1f9.tar.gz
rails-0696547814057eaed3c13e70a6dc6b2b7bb3e1f9.tar.bz2
rails-0696547814057eaed3c13e70a6dc6b2b7bb3e1f9.zip
Also move html_esacpe regex to a constant (see 9d25af60)
-rw-r--r--activesupport/lib/active_support/core_ext/string/output_safety.rb3
1 files changed, 2 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index 1d23998b88..23f95341f8 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -5,6 +5,7 @@ class ERB
module Util
HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#39;' }
JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003e', '<' => '\u003c', "\u2028" => '\u2028', "\u2029" => '\u2029' }
+ HTML_ESCAPE_REGEXP = /[&"'><]/
HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+));)/
JSON_ESCAPE_REGEXP = /[\u2028\u2029&><]/u
@@ -21,7 +22,7 @@ class ERB
if s.html_safe?
s
else
- s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe
+ s.gsub(HTML_ESCAPE_REGEXP, HTML_ESCAPE).html_safe
end
end