Merge pull request #4694 from pathawks/pr/xml_escape

Merge pull request 4694
jekyll · Mar 22, 2016 · e873934 · e873934
2 parents f542d81 + aeecbd7
commit e873934
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/lib/jekyll/filters.rb b/lib/jekyll/filters.rb
@@ -117,7 +117,7 @@ def date_to_rfc822(date)
     #
     # Returns the escaped String.
     def xml_escape(input)
-      CGI.escapeHTML(input.to_s)
+      input.to_s.encode(:xml => :attr).gsub(/\A"|"\Z/, "")
     end
 
     # CGI escape a string for use in a URL. Replaces any special characters
@@ -308,7 +308,7 @@ def sample(input, num = 1)
     #
     # Returns a String representation of the object.
     def inspect(input)
-      CGI.escapeHTML(input.inspect)
+      xml_escape(input.inspect)
     end
 
     private

diff --git a/test/test_filters.rb b/test/test_filters.rb
@@ -394,6 +394,10 @@ def to_liquid
       should "return a HTML-escaped string representation of an object" do
         assert_equal "{&quot;&lt;a&gt;&quot;=&gt;1}", @filter.inspect({ "<a>" => 1 })
       end
+
+      should "quote strings" do
+        assert_equal "&quot;string&quot;", @filter.inspect("string")
+      end
     end
 
     context "slugify filter" do