* lib/cgi.rb (CGI::escapeHTML): use gsub with Hash. [ruby-dev:33828]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15526 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-02-17 14:08:27 +0000
committer: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-02-17 14:08:27 +0000
commit: adc639bb263ad411c0081b2d786865186c31ec2c (patch)
tree: e8e7a267c9daf90ac2b8dbe6d4fea10514e09650 /lib/cgi.rb
parent: 8dd8dfce21d9ac6c7d791a9d95a11e6f7839d545 (diff)
download: ruby-adc639bb263ad411c0081b2d786865186c31ec2c.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/cgi.rb b/lib/cgi.rb
index 52502b3114..7997a58f4c 100644
--- a/lib/cgi.rb
+++ b/lib/cgi.rb
@@ -355,12 +355,18 @@ class CGI
     end
   end
 
+  TABLE_FOR_ESCAPE_HTML__ = {
+    '&' => '&amp;',
+    '"' => '&quot;',
+    '<' => '&lt;',
+    '>' => '&gt;',
+  }
 
   # Escape special characters in HTML, namely &\"<>
   #   CGI::escapeHTML('Usage: foo "bar" <baz>')
   #      # => "Usage: foo &quot;bar&quot; &lt;baz&gt;"
   def CGI::escapeHTML(string)
-    string.gsub(/&/, '&amp;').gsub(/\"/, '&quot;').gsub(/>/, '&gt;').gsub(/</, '&lt;')
+    string.gsub(/[&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
   end
author	kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-02-17 14:08:27 +0000
committer	kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-02-17 14:08:27 +0000
commit	adc639bb263ad411c0081b2d786865186c31ec2c (patch)
tree	e8e7a267c9daf90ac2b8dbe6d4fea10514e09650 /lib/cgi.rb
parent	8dd8dfce21d9ac6c7d791a9d95a11e6f7839d545 (diff)
download	ruby-adc639bb263ad411c0081b2d786865186c31ec2c.tar.gz