From 02358c83b76f9fc56b6cabaee24b244d17d08cff Mon Sep 17 00:00:00 2001
From: Rick Olson
Date: Wed, 18 Oct 2006 15:58:07 +0000
Subject: Fix double-escaped entities, such as &, {, etc. [Rick]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5321 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 actionpack/lib/action_view/helpers/tag_helper.rb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'actionpack/lib/action_view/helpers/tag_helper.rb')
diff --git a/actionpack/lib/action_view/helpers/tag_helper.rb b/actionpack/lib/action_view/helpers/tag_helper.rb
index 6c71b8b767..6001b21e63 100644
--- a/actionpack/lib/action_view/helpers/tag_helper.rb
+++ b/actionpack/lib/action_view/helpers/tag_helper.rb
@@ -34,7 +34,7 @@ module ActionView
 private
 def tag_options(options)
 cleaned_options = convert_booleans(options.stringify_keys.reject {|key, value| value.nil?})
- ' ' + cleaned_options.map {|key, value| %(#{key}="#{html_escape(value.to_s)}")}.sort * ' ' unless cleaned_options.empty?
+ ' ' + cleaned_options.map {|key, value| %(#{key}="#{fix_double_escape(html_escape(value.to_s))}")}.sort * ' ' unless cleaned_options.empty?
 end
 def convert_booleans(options)
@@ -45,6 +45,11 @@ module ActionView
 def boolean_attribute(options, attribute)
 options[attribute] ? options[attribute] = attribute : options.delete(attribute)
 end
+
+ # Fix double-escaped entities, such as &, {, etc.
+ def fix_double_escape(escaped)
+ escaped.gsub(/&([a-z]+|(#\d+));/i) { "&#{$1};" }
+ end
 end
 end
 end
--
cgit v1.2.3
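Review bot: In `tag_options`, wrapping `html_escape(value.to_s)` in `fix_double_escape` applies to every attribute value, so the helper can no longer tell an entity the caller escaped on purpose from an entity reference that arrived inside untrusted text; both are now emitted as live entities. That matters most for attributes whose decoded value is interpreted a second time (event handlers, URLs), where the double-escaped form would previously have stayed inert literal text. I would either limit the un-escaping to values the caller has marked as already escaped, or state the contract above the method, e.g. `# NOTE: entity references in values are emitted as-is; escape untrusted text for its target context before passing it in`. The commit touches one file and adds no test for the new behaviour.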
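Review bot: As rendered on this page the pattern in `fix_double_escape`, `/&([a-z]+|(#\d+));/i`, replaces each match with identical text, so the method would be a no-op; presumably the page decoded an `&amp;` in the pattern (and in the comment and subject line), which should be checked against the repository. Assuming the intended pattern begins with `&amp;`, the inner group `(#\d+)` is captured but never used, and hexadecimal references (`&#x…;`) are handled differently from decimal ones, which the comment does not mention. Dropping the extra group and the Perl-style global would read more clearly: `escaped.gsub(/&amp;([a-z]+|#\d+);/i) { "&#{Regexp.last_match(1)};" }`. The enclosing module begins outside the hunk.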