Skip to content
Browse files

The hex escape sequence can be of any length

  • Loading branch information...
1 parent 11365dc commit 49447a3d0fc86a0c73f5dfcebce74896e8f333a5 @chancancode chancancode committed Jul 2, 2014
Showing with 1 addition and 1 deletion.
  1. +1 −1 activesupport/lib/active_support/core_ext/string/output_safety.rb
View
2 activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -6,7 +6,7 @@ module Util
HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#39;' }
JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003e', '<' => '\u003c', "\u2028" => '\u2028', "\u2029" => '\u2029' }
HTML_ESCAPE_REGEXP = /[&"'><]/
- HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]{1,4}));)/
+ HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]+));)/
JSON_ESCAPE_REGEXP = /[\u2028\u2029&><]/u
# A utility method for escaping HTML tag characters.

0 comments on commit 49447a3

Please sign in to comment.
Something went wrong with that request. Please try again.