Is there a better HTML escaping and unescaping tool than CGI for Ruby?

Question

CGI.escapeHTML is pretty bad, but CGI.unescapeHTML is completely borked. For example:

require 'cgi'

CGI.unescapeHTML('&#8230;')
# => "…"                    # correct - an ellipsis

CGI.unescapeHTML('&hellip;')
# => "&hellip;"             # should be "…"

CGI.unescapeHTML('&#162;')
# => "\242"                 # correct - a cent

CGI.unescapeHTML('&cent;')
# => "&cent;"               # should be "\242"

CGI.escapeHTML("…")
# => "…"                    # should be "&#8230;"

It appears that unescapeHTML knows about all of the numeric codes plus &, <, >, and ". And escapeHTML only knows about those last four -- it doesn't do any of the numeric codes. I understand that escaping doesn't generally need to be as robust since HTML will allow the literal versions of most characters except the four that CGI.escapeHTML knows about. But unescaping should really be better.

Is there a better tool out there, at least for unescaping?

titanous · Accepted Answer

The htmlentities gem should do the trick:

require 'rubygems'
require 'htmlentities'

coder = HTMLEntities.new

coder.decode('&#8230;') # => "…"
coder.decode('&hellip;') # => "…"
coder.decode('&#162;') # => "¢"
coder.decode('&cent;') # => "¢"
coder.encode("…", :named) # => "&hellip;"
coder.encode("…", :decimal) # => "&#8230;"

Chris Lloyd · Answer

require 'rubygems'
require 'hpricot'

Hpricot('&#8230;', :xhtml_strict => true).to_plain_text

Though you might have to fiddle around with the character encoding.

Is there a better HTML escaping and unescaping tool than CGI for Ruby?

Tags:

html

ruby

escaping

James A. Rosen

2 Answers

titanous

Chris Lloyd

Recent Activity

Donate For Us

Is there a better HTML escaping and unescaping tool than CGI for Ruby?

Tags:

html

ruby

escaping

James A. Rosen

2 Answers

titanous

Chris Lloyd

Related questions

Recent Activity

Donate For Us