use EscapeUtils to escape HTML

korny · korny · commit 00eeb882c592 · 2013-07-14T02:25:39.000+02:00
diff --git a/coderay.gemspec b/coderay.gemspec
@@ -29,6 +29,8 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
   s.require_paths = ['lib']
   
+  s.add_dependency "escape_utils", "~> 0.3"
+  
   s.rubyforge_project = s.name
   s.rdoc_options      = '-SNw2', "-m#{readme_file}", '-t CodeRay Documentation'
   s.extra_rdoc_files  = readme_file
diff --git a/lib/coderay/encoders/html.rb b/lib/coderay/encoders/html.rb
@@ -1,4 +1,5 @@
 require 'set'
+require 'escape_utils'
 
 module CodeRay
 module Encoders
@@ -126,22 +127,6 @@ class HTML < Encoder
     
   protected
     
-    def self.make_html_escape_hash
-      {
-        '&' => '&amp;',
-        '"' => '&quot;',
-        '>' => '&gt;',
-        '<' => '&lt;',
-        # "\t" => will be set to ' ' * options[:tab_width] during setup
-      }.tap do |hash|
-        # Escape ASCII control codes except \x9 == \t and \xA == \n.
-        (Array(0x00..0x8) + Array(0xB..0x1F)).each { |invalid| hash[invalid.chr] = ' ' }
-      end
-    end
-    
-    HTML_ESCAPE = make_html_escape_hash
-    HTML_ESCAPE_PATTERN = /[\t"&><\0-\x8\xB-\x1F]/
-    
     TOKEN_KIND_TO_INFO = Hash.new do |h, kind|
       h[kind] = kind.to_s.gsub(/_/, ' ').gsub(/\b\w/) { $&.capitalize }
     end
@@ -180,7 +165,7 @@ def setup options
       
       @break_lines = (options[:break_lines] == true)
       
-      @HTML_ESCAPE = HTML_ESCAPE.merge("\t" => ' ' * options[:tab_width])
+      @expand_tab = ' ' * options[:tab_width]
       
       @opened = []
       @last_opened = nil
@@ -218,7 +203,13 @@ def finish options
     def text_token text, kind
       style = @span_for_kinds[@last_opened ? [kind, *@opened] : kind]
       
-      text = text.gsub(/#{HTML_ESCAPE_PATTERN}/o) { |m| @HTML_ESCAPE[m] } if text =~ /#{HTML_ESCAPE_PATTERN}/o
+      text = EscapeUtils.escape_html(text)
+      if text.index(/[\0-\t\xB-\x1F]/)
+        # Escape ASCII control codes except \x9 == \t and \xA == \n.
+        text.tr!("\0-\x8\xB-\x1F", ' ') if text.index(/[\0-\x8\xB-\x1F]/)
+        text.gsub!("\t", @expand_tab)   if text.index("\t")
+      end
+      
       text = break_lines(text, style) if @break_lines && (style || @opened.size > 0) && text.index("\n")
       
       if style
