Adds escape_html method to Thor::Util module

pdx91 · pdx91 · commit f1d58221da74 · 2019-11-20T10:20:54.000-08:00
diff --git a/lib/thor/shell/html.rb b/lib/thor/shell/html.rb
@@ -51,13 +51,13 @@ class HTML < Basic
       def set_color(string, *colors)
         if colors.all? { |color| color.is_a?(Symbol) || color.is_a?(String) }
           html_colors = colors.map { |color| lookup_color(color) }
-          "<span style=\"#{html_colors.join('; ')};\">#{CGI.escapeHTML(string)}</span>"
+          "<span style=\"#{html_colors.join('; ')};\">#{Thor::Util.escape_html(string)}</span>"
         else
           color, bold = colors
           html_color = self.class.const_get(color.to_s.upcase) if color.is_a?(Symbol)
           styles = [html_color]
           styles << BOLD if bold
-          "<span style=\"#{styles.join('; ')};\">#{CGI.escapeHTML(string)}</span>"
+          "<span style=\"#{styles.join('; ')};\">#{Thor::Util.escape_html(string)}</span>"
         end
       end
 
diff --git a/lib/thor/util.rb b/lib/thor/util.rb
@@ -263,6 +263,22 @@ def ruby_command
       def escape_globs(path)
         path.to_s.gsub(/[*?{}\[\]]/, '\\\\\\&')
       end
+
+      # Returns a string that has had any HTML characters escaped.
+      #
+      # ==== Examples
+      #
+      #   Thor::Util.escape_html('<div>')   # => "&lt;div&gt;"
+      #
+      # ==== Parameters
+      # String
+      #
+      # ==== Returns
+      # String
+      #
+      def escape_html(string)
+        CGI.escapeHTML(string)
+      end
     end
   end
 end
