- fixed a couple of compilation warnings on 1.9.3
- moved to rspec2
- remove hard-conversion to utf-8 to preserve the string's original encoding
- moved to rake-compiler, Bundler
- pass through incompletely escaped data on unescaping
- added tilde to escape_{uri,url}specs (It's a difference between CGI.escape and URI.escape)
- escape_uri and escape_url now match their Ruby counterparts ** escape_uri is used where URI.escape is, and escape_url is used where CGI.escape is used.
- performance and memory usage optimizations
- add a flag as an optional 2nd parameter to EscapeUtils.escape_html to disable/enable the escaping of the '/' character. Defaults to the new flag EscapeUtils.html_secure
- fix URI escaping one last time ;)
- fix URI escaping to act according to the RFC
- add specs for URL escaping
- support for URI escaping added (thanks to @joshbuddy)
- bugfix to ensure we don't drop opening tags during escape_javascript (thanks to @nagybence)
- add URL escaping and unescaping
- major refactor of HTML and Javascript escaping and unescaping logic for a decent speed up
- HTML escaping now takes html_safe? into account (for Rails/ActiveSupport users) - thanks yury!
- ensure strings are passed in from monkey-patches
- cleaned some code up, removing duplication
- moved to a more flexible character encoding scheme using Encoding.defaut_internal for 1.9 users
- forgot to add the ActionView monkey patch for JS escaping ;)
- added javascript escaping
- initial release