The hex escape sequence can be of any length

author: Godfrey Chan <godfreykfc@gmail.com> 2014-07-02 15:48:23 -0700
committer: Godfrey Chan <godfreykfc@gmail.com> 2014-07-02 15:55:28 -0700
commit: 268a29d49a5bba28598d3a65438b7fc0fb9d22e3 (patch)
tree: d1a94ac074fcb8ba2d0fd7c6951358ca98d9b290 /activesupport
parent: 41de23ec030f79f00aff3bf00640e855de42a9b8 (diff)
download: rails-268a29d49a5bba28598d3a65438b7fc0fb9d22e3.tar.gz
rails-268a29d49a5bba28598d3a65438b7fc0fb9d22e3.tar.bz2
rails-268a29d49a5bba28598d3a65438b7fc0fb9d22e3.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index f0f819cc45..c761325108 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -7,7 +7,7 @@ class ERB
     HTML_ESCAPE = { '&' => '&amp;',  '>' => '&gt;',   '<' => '&lt;', '"' => '&quot;', "'" => '&#39;' }
     JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003e', '<' => '\u003c', "\u2028" => '\u2028', "\u2029" => '\u2029' }
     HTML_ESCAPE_REGEXP = /[&"'><]/
-    HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]{1,4}));)/
+    HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]+));)/
     JSON_ESCAPE_REGEXP = /[\u2028\u2029&><]/u
 
     # A utility method for escaping HTML tag characters.
author	Godfrey Chan <godfreykfc@gmail.com>	2014-07-02 15:48:23 -0700
committer	Godfrey Chan <godfreykfc@gmail.com>	2014-07-02 15:55:28 -0700
commit	268a29d49a5bba28598d3a65438b7fc0fb9d22e3 (patch)
tree	d1a94ac074fcb8ba2d0fd7c6951358ca98d9b290 /activesupport
parent	41de23ec030f79f00aff3bf00640e855de42a9b8 (diff)
download	rails-268a29d49a5bba28598d3a65438b7fc0fb9d22e3.tar.gz rails-268a29d49a5bba28598d3a65438b7fc0fb9d22e3.tar.bz2 rails-268a29d49a5bba28598d3a65438b7fc0fb9d22e3.zip