If anyone is wondering what exactly Ruby's CGI.escape_html escapes, here is the list:
# The set of special characters and their escaped values
TABLE_FOR_ESCAPE_HTML__ = {
  "'" => '&#39;',
  '&' => '&amp;',
  '"' => '&quot;',
  '<' => '&lt;',
  '>' => '&gt;',
}
You can find this defined here in the code: https://github.com/ruby/cgi/blob/c05edf5608e86822a9e1fb0a40b0a7658ff38d56/lib/cgi/util.rb#L29
So, tl;dr: it escapes ', &, ", <, >
OK Bye!
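As an added example (not part of the original post and not code from Ruby's cgi library), the script below probes CGI.escape_html to confirm the five-character set and shows two consequences of it: characters that have meaning in attribute syntax pass through unchanged, so escaped values belong in element content or inside quoted attributes, and because & is in the table, escaping twice double-encodes. The helper names and the sample string are assumptions made for illustration.

```ruby
require 'cgi'

# Printable ASCII characters that CGI.escape_html rewrites, found by probing
# each character instead of reading the table.
def escaped_chars
  (0x20..0x7e).map(&:chr).reject { |c| CGI.escape_html(c) == c }
end

# Characters with meaning in HTML attribute syntax (chosen for this example).
ATTRIBUTE_SYNTAX_CHARS = [' ', '=', '`', '/'].freeze

# Those of the above that escape_html leaves untouched. Since they survive,
# an escaped value is only contained when the attribute value is quoted.
def unescaped_attribute_chars
  ATTRIBUTE_SYNTAX_CHARS.select { |c| CGI.escape_html(c) == c }
end

# Hypothetical helper: emit an attribute with the value escaped and always
# wrapped in double quotes.
def quoted_attr(name, value)
  %(#{name}="#{CGI.escape_html(value.to_s)}")
end

# Escaping is not idempotent: the & of an existing entity is escaped again.
def double_escaped(text)
  CGI.escape_html(CGI.escape_html(text))
end

if __FILE__ == $PROGRAM_NAME
  sample = %q(Tom & "Jerry" <tj@example.test> say 'hi') # constructed input
  puts "escaped set:        #{escaped_chars.inspect}"
  puts "left unchanged:     #{unescaped_attribute_chars.inspect}"
  puts "escaped once:       #{CGI.escape_html(sample)}"
  puts "escaped twice:      #{double_escaped(sample)}"
  puts "quoted attribute:   #{quoted_attr('title', sample)}"
end
```

Escape once, at the point of output, and keep the unescaped value in storage so a second pass cannot double-encode it.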