diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | lib/cgi.rb | 8 |
2 files changed, 11 insertions, 1 deletions
@@ -1,3 +1,7 @@ +Sun Feb 17 23:06:55 2008 Kazuhiro NISHIYAMA <zn@mbf.nifty.com> + + * lib/cgi.rb (CGI::escapeHTML): use gsub with Hash. [ruby-dev:33828] + Sun Feb 17 21:38:21 2008 NARUSE, Yui <naruse@ruby-lang.org> * encoding.c (ENC_CODERANGE_AND): fix broken case. [ruby-dev:33826] diff --git a/lib/cgi.rb b/lib/cgi.rb index 52502b3114..7997a58f4c 100644 --- a/lib/cgi.rb +++ b/lib/cgi.rb @@ -355,12 +355,18 @@ class CGI end end + TABLE_FOR_ESCAPE_HTML__ = { + '&' => '&', + '"' => '"', + '<' => '<', + '>' => '>', + } # Escape special characters in HTML, namely &\"<> # CGI::escapeHTML('Usage: foo "bar" <baz>') # # => "Usage: foo "bar" <baz>" def CGI::escapeHTML(string) - string.gsub(/&/, '&').gsub(/\"/, '"').gsub(/>/, '>').gsub(/</, '<') + string.gsub(/[&\"<>]/, TABLE_FOR_ESCAPE_HTML__) end |