From 330327eeecd3666a7b9b407e804b36cb1bc3cb48 Mon Sep 17 00:00:00 2001
From: Santiago Pastorino <santiago@wyeworks.com>
Date: Mon, 18 Oct 2010 13:58:57 -0200
Subject: Call html_escape in ERB::Util module and don't mix it in in the
 helpers

---
 actionpack/lib/action_view/helpers/form_tag_helper.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'actionpack/lib/action_view/helpers/form_tag_helper.rb')

diff --git a/actionpack/lib/action_view/helpers/form_tag_helper.rb b/actionpack/lib/action_view/helpers/form_tag_helper.rb
index ae83b6bf39..92645f5cf9 100644
--- a/actionpack/lib/action_view/helpers/form_tag_helper.rb
+++ b/actionpack/lib/action_view/helpers/form_tag_helper.rb
@@ -1,6 +1,7 @@
 require 'cgi'
 require 'action_view/helpers/tag_helper'
 require 'active_support/core_ext/object/blank'
+require 'active_support/core_ext/string/output_safety'
 
 module ActionView
   # = Action View Form Tag Helpers
@@ -287,7 +288,7 @@ module ActionView
         end
 
         escape = options.key?("escape") ? options.delete("escape") : true
-        content = html_escape(content) if escape
+        content = ERB::Util.html_escape(content) if escape
 
         content_tag :textarea, content.to_s.html_safe, { "name" => name, "id" => sanitize_to_id(name) }.update(options)
       end
-- 
cgit v1.2.3