Issue #17992 has been updated by sawa (Tsuyoshi Sawada).


Note that escaping and unescaping is not symmetric. There may be a point in keeping escaping to the minimum for performance reasons. However, when it comes to unescaping, it would be useless unless all escaped characters are completely unescaped, including the optionally escaped characters. And I think that is the main focus of the linked questions.

So, while it may be better to execute optional escaping only by calling a method under a different method name or by using a gem, the unescaping feature of `CGI` should be supplemented and be made complete by default regardless of the impact on performance.

----------------------------------------
Feature #17992: Upstreaming the htmlentities gem into CGI#.(un)escape_html
https://bugs.ruby-lang.org/issues/17992#change-92520

* Author: AMomchilov (Alexander Momchilov)
* Status: Feedback
* Priority: Normal
----------------------------------------
Hi there,

I was looking to unescape some HTML entities in a String, and I discovered that `CGI#.(un)escape_html` is **really** limited. Many StackOverflow questions share a similar disappointment, and point users to using the [htmlentities gem](https://github.com/threedaymonk/htmlentities):

1. https://stackoverflow.com/a/383561/3141234
2. https://stackoverflow.com/a/22926384/3141234

This solved my problem, but I feel like something this standard/universal should be built-in. To that end, I'm interested in working on merging the htmlentities gem into CGI's repo. Would this be a welcome change?

* I've e-mailed the author (Paul Battley) privately, and got his blessing to do so.
* It's MIT licensed, so that should be OK.




-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>