From adc639bb263ad411c0081b2d786865186c31ec2c Mon Sep 17 00:00:00 2001
From: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sun, 17 Feb 2008 14:08:27 +0000
Subject: [PATCH] * lib/cgi.rb (CGI::escapeHTML): use gsub with Hash.
 [ruby-dev:33828]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15526 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog  | 4 ++++
 lib/cgi.rb | 8 +++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 69f5aded91..d5a8cdd954 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sun Feb 17 23:06:55 2008  Kazuhiro NISHIYAMA  <zn@mbf.nifty.com>
+
+	* lib/cgi.rb (CGI::escapeHTML): use gsub with Hash. [ruby-dev:33828]
+
 Sun Feb 17 21:38:21 2008  NARUSE, Yui  <naruse@ruby-lang.org>
 
 	* encoding.c (ENC_CODERANGE_AND): fix broken case. [ruby-dev:33826]
diff --git a/lib/cgi.rb b/lib/cgi.rb
index 52502b3114..7997a58f4c 100644
--- a/lib/cgi.rb
+++ b/lib/cgi.rb
@@ -355,12 +355,18 @@ class CGI
     end
   end
 
+  TABLE_FOR_ESCAPE_HTML__ = {
+    '&' => '&amp;',
+    '"' => '&quot;',
+    '<' => '&lt;',
+    '>' => '&gt;',
+  }
 
   # Escape special characters in HTML, namely &\"<>
   #   CGI::escapeHTML('Usage: foo "bar" <baz>')
   #      # => "Usage: foo &quot;bar&quot; &lt;baz&gt;"
   def CGI::escapeHTML(string)
-    string.gsub(/&/, '&amp;').gsub(/\"/, '&quot;').gsub(/>/, '&gt;').gsub(/</, '&lt;')
+    string.gsub(/[&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
   end