For performance reasons, you can no longer call html_safe! on Strings. Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self).

  * Additionally, instead of doing concat("</form>".html_safe), you can do
    safe_concat("</form>"), which will skip both the flag set, and the flag
    check.
  * For the first pass, I converted virtually all #html_safe!s to #html_safe,
    and the tests pass. A further optimization would be to try to use
    #safe_concat as much as possible, reducing the performance impact if
    we know up front that a String is safe.

3 files changed, 120 insertions, 54 deletions

diff --git a/activesupport/lib/active_support.rb b/activesupport/lib/active_support.rb
index 833ae351b9..ae31d191c0 100644
--- a/activesupport/lib/active_support.rb
+++ b/activesupport/lib/active_support.rb
@@ -67,5 +67,6 @@ module ActiveSupport
     autoload :XmlMini
   end
 
+  autoload :SafeBuffer, "active_support/core_ext/string/output_safety"
   autoload :TestCase
 end
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index ceed90ce79..3977971e8d 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -1,3 +1,53 @@
+require "erb"
+
+class ERB
+  module Util
+    HTML_ESCAPE = { '&' => '&amp;',  '>' => '&gt;',   '<' => '&lt;', '"' => '&quot;' }
+    JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
+
+    # A utility method for escaping HTML tag characters.
+    # This method is also aliased as <tt>h</tt>.
+    #
+    # In your ERb templates, use this method to escape any unsafe content. For example:
+    #   <%=h @person.name %>
+    #
+    # ==== Example:
+    #   puts html_escape("is a > 0 & a < 10?")
+    #   # => is a &gt; 0 &amp; a &lt; 10?
+    def html_escape(s)
+      s = s.to_s
+      if s.html_safe?
+        s
+      else
+        s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }.html_safe
+      end
+    end
+
+    undef :h
+    alias h html_escape
+
+    module_function :html_escape
+    module_function :h
+
+    # A utility method for escaping HTML entities in JSON strings.
+    # This method is also aliased as <tt>j</tt>.
+    #
+    # In your ERb templates, use this method to escape any HTML entities:
+    #   <%=j @person.to_json %>
+    #
+    # ==== Example:
+    #   puts json_escape("is a > 0 & a < 10?")
+    #   # => is a \u003E 0 \u0026 a \u003C 10?
+    def json_escape(s)
+      s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
+    end
+
+    alias j json_escape
+    module_function :j
+    module_function :json_escape
+  end
+end
+
 class Object
   def html_safe?
     false
@@ -10,32 +60,46 @@ class Fixnum
   end
 end
 
-class String
-  attr_accessor :_rails_html_safe
-  alias html_safe? _rails_html_safe
+module ActiveSupport #:nodoc:
+  class SafeBuffer < String
+    alias safe_concat concat
 
-  def html_safe!
-    @_rails_html_safe = true
-    self
-  end
+    def concat(value)
+      if value.html_safe?
+        super(value)
+      else
+        super(ERB::Util.h(value))
+      end
+    end
 
-  def html_safe
-    dup.html_safe!
-  end
+    def +(other)
+      dup.concat(other)
+    end
+
+    def <<(value)
+      self.concat(value)
+    end
+
+    def html_safe?
+      true
+    end
+
+    def html_safe
+      self
+    end
 
-  alias original_plus +
-  def +(other)
-    result = original_plus(other)
-    result._rails_html_safe = html_safe? && other.html_safe?
-    result
+    def to_s
+      self
+    end
   end
+end
 
-  alias original_concat <<
-  alias safe_concat <<
-  def <<(other)
-    @_rails_html_safe = false unless other.html_safe?
-    result = original_concat(other)
+class String
+  def html_safe!
+    raise "You can't call html_safe! on a String"
   end
 
-  alias concat <<
+  def html_safe
+    ActiveSupport::SafeBuffer.new(self)
+  end
 end
\ No newline at end of file
diff --git a/activesupport/test/core_ext/string_ext_test.rb b/activesupport/test/core_ext/string_ext_test.rb
index 9a805bc010..ca26f91e8c 100644
--- a/activesupport/test/core_ext/string_ext_test.rb
+++ b/activesupport/test/core_ext/string_ext_test.rb
@@ -342,12 +342,12 @@ class OutputSafetyTest < ActiveSupport::TestCase
   end
 
   test "A string can be marked safe" do
-    @string.html_safe!
-    assert @string.html_safe?
+    string = @string.html_safe
+    assert string.html_safe?
   end
 
   test "Marking a string safe returns the string" do
-    assert_equal @string, @string.html_safe!
+    assert_equal @string, @string.html_safe
   end
 
   test "A fixnum is safe by default" do
@@ -361,7 +361,7 @@ class OutputSafetyTest < ActiveSupport::TestCase
       end
     end
 
-    @string.html_safe!
+    @string.html_safe
     @string << klass.new
 
     assert_equal "helloother", @string
@@ -369,44 +369,44 @@ class OutputSafetyTest < ActiveSupport::TestCase
   end
 
   test "Adding a safe string to another safe string returns a safe string" do
-    @other_string = "other".html_safe!
-    @string.html_safe!
-    @combination = @other_string + @string
+    @other_string = "other".html_safe
+    string = @string.html_safe
+    @combination = @other_string + string
 
     assert_equal "otherhello", @combination
     assert @combination.html_safe?
   end
 
-  test "Adding an unsafe string to a safe string returns an unsafe string" do
-    @other_string = "other".html_safe!
-    @combination = @other_string + @string
-    @other_combination = @string + @other_string
+  test "Adding an unsafe string to a safe string escapes it and returns a safe string" do
+    @other_string = "other".html_safe
+    @combination = @other_string + "<foo>"
+    @other_combination = @string + "<foo>"
 
-    assert_equal "otherhello", @combination
-    assert_equal "helloother", @other_combination
+    assert_equal "other&lt;foo&gt;", @combination
+    assert_equal "hello<foo>", @other_combination
 
-    assert !@combination.html_safe?
+    assert @combination.html_safe?
     assert !@other_combination.html_safe?
   end
 
   test "Concatting safe onto unsafe yields unsafe" do
     @other_string = "other"
-    @string.html_safe!
+    @string.html_safe
 
     @other_string.concat(@string)
     assert !@other_string.html_safe?
   end
 
-  test "Concatting unsafe onto safe yields unsafe" do
-    @other_string = "other".html_safe!
-
-    @other_string.concat(@string)
-    assert !@other_string.html_safe?
+  test "Concatting unsafe onto safe yields escaped safe" do
+    @other_string = "other".html_safe
+    string = @other_string.concat("<foo>")
+    assert_equal "other&lt;foo&gt;", string
+    assert string.html_safe?
   end
 
   test "Concatting safe onto safe yields safe" do
-    @other_string = "other".html_safe!
-    @string.html_safe!
+    @other_string = "other".html_safe
+    @string.html_safe
 
     @other_string.concat(@string)
     assert @other_string.html_safe?
@@ -414,31 +414,32 @@ class OutputSafetyTest < ActiveSupport::TestCase
 
   test "Concatting safe onto unsafe with << yields unsafe" do
     @other_string = "other"
-    @string.html_safe!
+    @string.html_safe
 
     @other_string << @string
     assert !@other_string.html_safe?
   end
 
-  test "Concatting unsafe onto safe with << yields unsafe" do
-    @other_string = "other".html_safe!
-
-    @other_string << @string
-    assert !@other_string.html_safe?
+  test "Concatting unsafe onto safe with << yields escaped safe" do
+    @other_string = "other".html_safe
+    string = @other_string << "<foo>"
+    assert_equal "other&lt;foo&gt;", string
+    assert string.html_safe?
   end
 
   test "Concatting safe onto safe with << yields safe" do
-    @other_string = "other".html_safe!
-    @string.html_safe!
+    @other_string = "other".html_safe
+    @string.html_safe
 
     @other_string << @string
     assert @other_string.html_safe?
   end
 
   test "Concatting a fixnum to safe always yields safe" do
-    @string.html_safe!
-    @string.concat(13)
-    assert @string.html_safe?
+    string = @string.html_safe
+    string = string.concat(13)
+    assert_equal "hello".concat(13), string
+    assert string.html_safe?
   end
 end