lib/rack/utils.rb in rack-1.2.0 vs lib/rack/utils.rb in rack-1.2.1

- old
+ new

@@ -126,16 +126,21 @@ prefix end end module_function :build_nested_query + ESCAPE_HTML = { + "&" => "&amp;", + "<" => "&lt;", + ">" => "&gt;", + "'" => "&#39;", + '"' => "&quot;", + } + ESCAPE_HTML_PATTERN = Regexp.union(ESCAPE_HTML.keys) + # Escape ampersands, brackets and quotes to their HTML/XML entities. def escape_html(string) - string.to_s.gsub("&", "&amp;"). - gsub("<", "&lt;"). - gsub(">", "&gt;"). - gsub("'", "&#39;"). - gsub('"', "&quot;") + string.to_s.gsub(ESCAPE_HTML_PATTERN){|c| ESCAPE_HTML[c] } end module_function :escape_html def select_best_encoding(available_encodings, accept_encoding) # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
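Review bot: `ESCAPE_HTML` is introduced as a mutable constant that now defines the whole output of `escape_html`, so any later `ESCAPE_HTML[...] =` or `delete` from loaded code would silently weaken the escaping for every caller; close the literal with `}.freeze` (the regexp built by `Regexp.union(ESCAPE_HTML.keys)` is fixed at load time, but the hash the block looks up in is not). The block form `gsub(ESCAPE_HTML_PATTERN){|c| ESCAPE_HTML[c] }` is the right choice if Ruby 1.8 must stay supported; on 1.9+ `gsub(ESCAPE_HTML_PATTERN, ESCAPE_HTML)` does the same lookup without a block, and in either case the block spacing should be the conventional `{ |c| ESCAPE_HTML[c] }`. The set of escaped characters (&, <, >, ', ") is identical to the removed chain, so this hunk is a refactor rather than a hardening; a short comment on the table noting that it is the single place to extend, and that the pattern follows it automatically, would help the next maintainer.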