From 49aed8e7e932d22bd5051377beedb49fae945e47 Mon Sep 17 00:00:00 2001
From: James Campos <james.r.campos@gmail.com>
Date: Fri, 11 Feb 2011 00:16:24 -0800
Subject: [PATCH] escape all reserved chars

---
 lib/ck.coffee | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/ck.coffee b/lib/ck.coffee
index 0f65a16..22be35f 100644
--- a/lib/ck.coffee
+++ b/lib/ck.coffee
@@ -68,9 +68,13 @@ scope =
     html += "#{indent}#{doctypes[key]}"
     return
   esc: (str) ->
-    str
-      .replace(/&/g, '&amp;')
-      .replace(/</g, '&lt;')
+    str.replace /[&<>"']/g, (c) ->
+      switch c
+        when '&' then '&amp;'
+        when '<' then '&lt;'
+        when '>' then '&gt;'
+        when '"' then '&quot;'
+        when "'" then '&#39;'
   ie: (expr, arg) ->
     html += "#{newline}#{indent}<!--[if #{expr}]>"
     nest arg