* lib/cgi.rb (CGI::escapeHTML): use gsub with Hash. [ruby-dev:33828]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15526 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2008-02-17 14:08:27 +00:00 · 2008-02-17 14:08:27 +00:00 · adc639bb26
commit adc639bb26
parent 8dd8dfce21
2 changed files with 11 additions and 1 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Sun Feb 17 23:06:55 2008  Kazuhiro NISHIYAMA  <zn@mbf.nifty.com>
+
+	* lib/cgi.rb (CGI::escapeHTML): use gsub with Hash. [ruby-dev:33828]
+
 Sun Feb 17 21:38:21 2008  NARUSE, Yui  <naruse@ruby-lang.org>

 	* encoding.c (ENC_CODERANGE_AND): fix broken case. [ruby-dev:33826]
--- a/lib/cgi.rb
+++ b/lib/cgi.rb
@ -355,12 +355,18 @@ class CGI
    end
  end

+  TABLE_FOR_ESCAPE_HTML__ = {
+    '&' => '&amp;',
+    '"' => '&quot;',
+    '<' => '&lt;',
+    '>' => '&gt;',
+  }

  # Escape special characters in HTML, namely &\"<>
  #   CGI::escapeHTML('Usage: foo "bar" <baz>')
  #      # => "Usage: foo &quot;bar&quot; &lt;baz&gt;"
  def CGI::escapeHTML(string)
-    string.gsub(/&/, '&amp;').gsub(/\"/, '&quot;').gsub(/>/, '&gt;').gsub(/</, '&lt;')
+    string.gsub(/[&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
  end