Feature #1724: Support for "&*uml;"-HTML-codes in ERB::Util.html_escape (solution included)
http://redmine.ruby-lang.org/issues/show/1724

Author: Volkmar Schulz
Status: Open, Priority: Normal

Certain language specific chars like the german "Umlaute" are represented in HTML with "ä" (ä), "ü" (ü) etc.
Since ERB::Util.html_escape escapes the & to become "&" one cannot use these HTML codes.

To work around this problem I modified ERB::Util.html_escape like this:

    def html_escape(s)
      s.to_s.gsub(/&(?!.uml)/, "&amp;").gsub(/\"/, "&quot;").gsub(/>/, "&gt;").gsub(/</, "&lt;")
    end

The modification is in the first call of gsub where I added the condition (?!.uml).
it forces the function to ignore the "&" if it is followed by a pattern that indicates one of the aforementiond HTML-codes.

I consider this being a safe modification.


----------------------------------------
http://redmine.ruby-lang.org