1 files changed, 37 insertions, 2 deletions

diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index 0b40c3d799..638152626b 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -135,10 +135,12 @@ module ActiveSupport #:nodoc:
   class SafeBuffer < String
     UNSAFE_STRING_METHODS = %w(
       capitalize chomp chop delete delete_prefix delete_suffix
-      downcase gsub lstrip next reverse rstrip slice squeeze strip
-      sub succ swapcase tr tr_s unicode_normalize upcase
+      downcase lstrip next reverse rstrip slice squeeze strip
+      succ swapcase tr tr_s unicode_normalize upcase
     )
 
+    UNSAFE_STRING_METHODS_WITH_BACKREF = %w(gsub sub)
+
     alias_method :original_concat, :concat
     private :original_concat
 
@@ -253,11 +255,44 @@ module ActiveSupport #:nodoc:
       end
     end
 
+    UNSAFE_STRING_METHODS_WITH_BACKREF.each do |unsafe_method|
+      if unsafe_method.respond_to?(unsafe_method)
+        class_eval <<-EOT, __FILE__, __LINE__ + 1
+          def #{unsafe_method}(*args, &block)             # def gsub(*args, &block)
+            if block                                      #   if block
+              to_str.#{unsafe_method}(*args) { |*params|  #     to_str.gsub(*args) { |*params|
+                set_block_back_references(block, $~)      #       set_block_back_references(block, $~)
+                block.call(*params)                       #       block.call(*params)
+              }                                           #     }
+            else                                          #   else
+              to_str.#{unsafe_method}(*args)              #     to_str.gsub(*args)
+            end                                           #   end
+          end                                             # end
+
+          def #{unsafe_method}!(*args, &block)            # def gsub!(*args, &block)
+            @html_safe = false                            #   @html_safe = false
+            if block                                      #   if block
+              super(*args) { |*params|                    #     super(*args) { |*params|
+                set_block_back_references(block, $~)      #       set_block_back_references(block, $~)
+                block.call(*params)                       #       block.call(*params)
+              }                                           #     }
+            else                                          #   else
+              super                                       #     super
+            end                                           #   end
+          end                                             # end
+        EOT
+      end
+    end
+
     private
 
       def html_escape_interpolated_argument(arg)
         (!html_safe? || arg.html_safe?) ? arg : CGI.escapeHTML(arg.to_s)
       end
+
+      def set_block_back_references(block, match_data)
+        block.binding.eval("proc { |m| $~ = m }").call(match_data)
+      end
   end
 end