Rename CGI.escape_html to CGI.escape_xhtml

trans · claude · trans · commit c07ef01a64c6 · 2026-04-01T15:18:43.000-04:00
Avoids overriding Ruby's built-in CGI.escape_html. Also fixes two bugs
in the original: :defualt typo and 'node' instead of 'mode' in error.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/lib/standard/facets/cgi/escape_html.rb b/lib/standard/facets/cgi/escape_html.rb
@@ -2,26 +2,25 @@
 
 class CGI
 
-  # Extends `#escape_html` to support escape modes. By default all strings
-  # are escaped on `&`, `>` and `<`. Add the `:nonstandard` mode to omit
-  # this conversion.
+  # Extended HTML/XHTML escaping with mode support. Unlike Ruby's built-in
+  # `CGI.escape_html`, this supports additional escape modes.
   #
-  # If no mode is given then the `:default` mode is used.
-  #
-  # Available modes include:
+  # Available modes:
   # * `:quote`     - escapes single and double quotes
   # * `:newlines`  - escapes newline characters (\r and \n)
   # * `:ampersand` - escapes the ampersand sign
   # * `:brackets`  - escapes less-than and greater-than signs
   # * `:default`   - escapes double quotes
   #
+  # By default all strings are escaped on `&`, `>`, `<` and `"`.
+  #
   # @example
-  #   escape_html("<tag>")  #=> "&lt;tag&gt;"
-  #   escape_html("Example\nString", :newlines)  #=> "Example&#13;&#10;String"
-  #   escape_html("\"QUOTE\"", false)  #=> "\"QUOTE\""
+  #   CGI.escape_xhtml("<tag>")  #=> "&lt;tag&gt;"
+  #   CGI.escape_xhtml("Example\nString", :newlines)  #=> "Example&#13;&#10;String"
+  #   CGI.escape_xhtml("\"QUOTE\"", false)  #=> "\"QUOTE\""
   #
-  def self.escape_html(string, *modes)
-    modes << :defualt if modes.empty?
+  def self.escape_xhtml(string, *modes)
+    modes << :default if modes.empty?
 
     unless modes.include?(:nonstandard)
       string = string.gsub(/&/, '&amp;').gsub(/>/, '&gt;').gsub(/</, '&lt;')
@@ -32,7 +31,7 @@ def self.escape_html(string, *modes)
         case mode
         when :quote, :quotes
           string.gsub(%r|"|,'&quot;').gsub(%r|'|,'&#39;')
-        when :newlines, :newlines
+        when :newlines
           string.gsub(/[\r\n]+/,'&#13;&#10;')
         when :ampersand
           string.gsub(/&/, '&amp;')
@@ -41,23 +40,13 @@ def self.escape_html(string, *modes)
         when :default, true
           string.gsub(/\"/, '&quot;')
         when false
+          string
         else
-          raise ArgumentError, "unrecognized HTML escape mode -- #{node}"
+          raise ArgumentError, "unrecognized HTML escape mode -- #{mode}"
         end
     end
-  end
 
-  class << self
-    # @deprecated
-    alias :escapeHTML :escape_html
-  end
-
-  if RUBY_VERSION < '1.9'
-    class << self
-      alias :unescape_html :unescapeHTML
-      alias :escape_element :escapeElement
-      alias :unescape_element :unescapeElement
-    end
+    string
   end
 
 end
