From 608eddc6f5465c642bd02f5523a8e486a87020b1 Mon Sep 17 00:00:00 2001
From: Carlos Antonio da Silva <carlosantoniodasilva@gmail.com>
Date: Thu, 12 Jan 2012 21:04:02 -0200
Subject: Move escape_once logic to ERB::Util, where it belongs to

All the logic is based on the HTML_ESCAPE constant available in
ERB::Util, so it seems more logic to have the entire method there and
just delegate the helper to use it.
---
 .../lib/active_support/core_ext/string/output_safety.rb   | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'activesupport/lib/active_support/core_ext/string')

diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index 73aa7dd89a..a8d51abbb5 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -33,6 +33,21 @@ class ERB
     singleton_class.send(:remove_method, :html_escape)
     module_function :html_escape
 
+    # Returns an escaped version of +html+ without affecting existing escaped entities.
+    #
+    # ==== Examples
+    #   html_escape_once("1 < 2 &amp; 3")
+    #   # => "1 &lt; 2 &amp; 3"
+    #
+    #   html_escape_once("&lt;&lt; Accept & Checkout")
+    #   # => "&lt;&lt; Accept &amp; Checkout"
+    def html_escape_once(s)
+      result = s.to_s.gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| HTML_ESCAPE[special] }
+      s.html_safe? ? result.html_safe : result
+    end
+
+    module_function :html_escape_once
+
     # A utility method for escaping HTML entities in JSON strings
     # using \uXXXX JavaScript escape sequences for string literals:
     #
-- 
cgit v1.2.3