5 files changed, 30 insertions, 4 deletions

diff --git a/actionpack/test/template/erb_util_test.rb b/actionpack/test/template/erb_util_test.rb
index 30f6d1a213..790ab1c74c 100644
--- a/actionpack/test/template/erb_util_test.rb
+++ b/actionpack/test/template/erb_util_test.rb
@@ -16,6 +16,16 @@ class ErbUtilTest < Test::Unit::TestCase
     end
   end
 
+  def test_json_escape_returns_unsafe_strings_when_passed_unsafe_strings
+    value = json_escape("asdf")
+    assert !value.html_safe?
+  end
+
+  def test_json_escape_returns_safe_strings_when_passed_safe_strings
+    value = json_escape("asdf".html_safe)
+    assert value.html_safe?
+  end
+
   def test_html_escape_is_html_safe
     escaped = h("<p>")
     assert_equal "&lt;p&gt;", escaped
diff --git a/actionpack/test/template/form_helper_test.rb b/actionpack/test/template/form_helper_test.rb
index 5296556fe6..0507045ad2 100644
--- a/actionpack/test/template/form_helper_test.rb
+++ b/actionpack/test/template/form_helper_test.rb
@@ -1890,7 +1890,7 @@ class FormHelperTest < ActionView::TestCase
     assert_dom_equal expected, output_buffer
   end
 
-  def snowman(method = nil)
+  def hidden_fields(method = nil)
     txt =  %{<div style="margin:0;padding:0;display:inline">}
     txt << %{<input name="utf8" type="hidden" value="&#x2713;" />}
     if method && !method.to_s.in?(['get', 'post'])
@@ -1918,7 +1918,7 @@ class FormHelperTest < ActionView::TestCase
       method = options
     end
 
-    form_text(action, id, html_class, remote, multipart, method) + snowman(method) + contents + "</form>"
+    form_text(action, id, html_class, remote, multipart, method) + hidden_fields(method) + contents + "</form>"
   end
 
   def test_default_form_builder
diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb
index f95308b847..979251bfd1 100644
--- a/actionpack/test/template/form_tag_helper_test.rb
+++ b/actionpack/test/template/form_tag_helper_test.rb
@@ -9,7 +9,7 @@ class FormTagHelperTest < ActionView::TestCase
     @controller = BasicController.new
   end
 
-  def snowman(options = {})
+  def hidden_fields(options = {})
     method = options[:method]
 
     txt =  %{<div style="margin:0;padding:0;display:inline">}
@@ -34,7 +34,7 @@ class FormTagHelperTest < ActionView::TestCase
   end
 
   def whole_form(action = "http://www.example.com", options = {})
-    out = form_text(action, options) + snowman(options)
+    out = form_text(action, options) + hidden_fields(options)
 
     if block_given?
       out << yield << "</form>"
diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb
index 538e0e9874..dd8b7b7cd5 100644
--- a/actionpack/test/template/javascript_helper_test.rb
+++ b/actionpack/test/template/javascript_helper_test.rb
@@ -30,6 +30,15 @@ class JavaScriptHelperTest < ActionView::TestCase
     assert_equal %(dont <\\/close> tags), j(%(dont </close> tags))
   end
 
+  def test_escape_javascript_with_safebuffer
+    given = %('quoted' "double-quoted" new-line:\n </closed>)
+    expect = %(\\'quoted\\' \\"double-quoted\\" new-line:\\n <\\/closed>)
+    assert_equal expect, escape_javascript(given)
+    assert_equal expect, escape_javascript(ActiveSupport::SafeBuffer.new(given))
+    assert_instance_of String, escape_javascript(given)
+    assert_instance_of ActiveSupport::SafeBuffer, escape_javascript(ActiveSupport::SafeBuffer.new(given))
+  end
+
   def test_button_to_function
     assert_dom_equal %(<input type="button" onclick="alert('Hello world!');" value="Greeting" />),
       button_to_function("Greeting", "alert('Hello world!')")
diff --git a/actionpack/test/template/number_helper_test.rb b/actionpack/test/template/number_helper_test.rb
index 0104c20bc7..0e3475d98b 100644
--- a/actionpack/test/template/number_helper_test.rb
+++ b/actionpack/test/template/number_helper_test.rb
@@ -283,33 +283,40 @@ class NumberHelperTest < ActionView::TestCase
     assert number_to_human(1).html_safe?
     assert !number_to_human("<script></script>").html_safe?
     assert number_to_human("asdf".html_safe).html_safe?
+    assert number_to_human("1".html_safe).html_safe?
 
     assert number_to_human_size(1).html_safe?
     assert number_to_human_size(1000000).html_safe?
     assert !number_to_human_size("<script></script>").html_safe?
     assert number_to_human_size("asdf".html_safe).html_safe?
+    assert number_to_human_size("1".html_safe).html_safe?
 
     assert number_with_precision(1, :strip_insignificant_zeros => false).html_safe?
     assert number_with_precision(1, :strip_insignificant_zeros => true).html_safe?
     assert !number_with_precision("<script></script>").html_safe?
     assert number_with_precision("asdf".html_safe).html_safe?
+    assert number_with_precision("1".html_safe).html_safe?
 
     assert number_to_currency(1).html_safe?
     assert !number_to_currency("<script></script>").html_safe?
     assert number_to_currency("asdf".html_safe).html_safe?
+    assert number_to_currency("1".html_safe).html_safe?
 
     assert number_to_percentage(1).html_safe?
     assert !number_to_percentage("<script></script>").html_safe?
     assert number_to_percentage("asdf".html_safe).html_safe?
+    assert number_to_percentage("1".html_safe).html_safe?
 
     assert number_to_phone(1).html_safe?
     assert_equal "&lt;script&gt;&lt;/script&gt;", number_to_phone("<script></script>")
     assert number_to_phone("<script></script>").html_safe?
     assert number_to_phone("asdf".html_safe).html_safe?
+    assert number_to_phone("1".html_safe).html_safe?
 
     assert number_with_delimiter(1).html_safe?
     assert !number_with_delimiter("<script></script>").html_safe?
     assert number_with_delimiter("asdf".html_safe).html_safe?
+    assert number_with_delimiter("1".html_safe).html_safe?
   end
 
   def test_number_helpers_should_raise_error_if_invalid_when_specified