2 files changed, 17 insertions, 1 deletions

diff --git a/actionpack/lib/action_controller/vendor/html-scanner.rb b/actionpack/lib/action_controller/vendor/html-scanner.rb
new file mode 100644
index 0000000000..f622d195ee
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/html-scanner.rb
@@ -0,0 +1,16 @@
+$LOAD_PATH << "#{File.dirname(__FILE__)}/html-scanner"
+
+module HTML
+  autoload :CDATA, 'html/node'
+  autoload :Document, 'html/document'
+  autoload :FullSanitizer, 'html/sanitizer'
+  autoload :LinkSanitizer, 'html/sanitizer'
+  autoload :Node, 'html/node'
+  autoload :Sanitizer, 'html/sanitizer'
+  autoload :Selector, 'html/selector'
+  autoload :Tag, 'html/node'
+  autoload :Text, 'html/node'
+  autoload :Tokenizer, 'html/tokenizer'
+  autoload :Version, 'html/version'
+  autoload :WhiteListSanitizer, 'html/sanitizer'
+end
diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
index 12c8405101..ae20f9947c 100644
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
@@ -160,7 +160,7 @@ module HTML
         if !options[:attributes].include?(attr_name) || contains_bad_protocols?(attr_name, value)
           node.attributes.delete(attr_name)
         else
-          node.attributes[attr_name] = attr_name == 'style' ? sanitize_css(value) : CGI::escapeHTML(value)
+          node.attributes[attr_name] = attr_name == 'style' ? sanitize_css(value) : CGI::escapeHTML(CGI::unescapeHTML(value))
         end
       end
     end