diff --git a/lib/rails_xss/action_view.rb b/lib/rails_xss/action_view.rb
index cf26fae..8f26269 100644
--- a/lib/rails_xss/action_view.rb
+++ b/lib/rails_xss/action_view.rb
@@ -33,7 +33,7 @@ def simple_format_with_escaping(text, html_options = {})
 module TagHelper
 private
 def content_tag_string_with_escaping(name, content, options, escape = true)
- content_tag_string_without_escaping(name, ERB::Util.h(content), options, escape)
+ content_tag_string_without_escaping(name, escape ? ERB::Util.h(content) : content, options, escape)
 end
 alias_method_chain :content_tag_string, :escaping
 end
diff --git a/test/tag_helper_test.rb b/test/tag_helper_test.rb
new file mode 100644
index 0000000..2a42809
--- /dev/null
+++ b/test/tag_helper_test.rb
@@ -0,0 +1,21 @@
+require 'test_helper'
+
+class TagHelperTest < ActionView::TestCase
+
+ def test_content_tag
+ assert_equal "Create", content_tag("a", "Create", "href" => "create")
+ assert content_tag("a", "Create", "href" => "create").html_safe?
+ assert_equal content_tag("a", "Create", "href" => "create"),
+ content_tag("a", "Create", :href => "create")
+ assert_equal "

<script>evil_js</script>

",
+ content_tag(:p, '')
+ assert_equal "

",
+ content_tag(:p, '', nil, false)
+ end
+
+ def test_tag_honors_html_safe_for_param_values
+ ['1&2', '1 < 2', '“test“'].each do |escaped|
+ assert_equal %(), tag('a', :href => escaped.html_safe)
+ end
+ end
+end
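Review bot: The new ternary makes `escape = false` a total opt-out, but nothing at the call site says so: the same flag is still forwarded as the last argument to `content_tag_string_without_escaping`, and if the wrapped Rails helper uses it to decide attribute escaping too (as the Rails 2.3 tag helper does, to my recollection), a caller passing false gets raw content and raw attribute values in one go. Worth a one-line comment above the changed line so the next reader does not assume only the body is affected: `# escape == false is the caller's explicit opt-out; content is emitted verbatim and the flag is forwarded unchanged to the original helper, so attribute escaping is presumably skipped as well`. The method is fully visible in the hunk; its enclosing module is not.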
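Review bot: `test_tag_honors_html_safe_for_param_values` only feeds `.html_safe` values to `tag`, so it proves the pass-through but not the escaping: a regression that stopped escaping attribute values entirely would still pass this file. Add the negative case next to it, e.g. `assert_equal %(<a href="1 &lt; 2" />), tag('a', :href => '1 < 2')` (matching whatever expected-string form the existing `%()` literal uses), and similarly an unsafe `'1&2'` expecting `1&amp;2`. The `content_tag(:p, '', nil, false)` assertion in `test_content_tag` is the only coverage of the new opt-out path in the action_view.rb hunk, which is fine, but it would be worth also asserting that already-html_safe content passed with the default `escape` is not double-escaped, if that is the intended contract. Separately, the `'“test“'` literal is non-ASCII, so under Ruby 1.9 this file would need a `# encoding: utf-8` magic comment as its first line.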