From 83b51875bb0a229889fb297d7abe2b5eb5de6c64 Mon Sep 17 00:00:00 2001
From: riking
Date: Mon, 9 Feb 2015 15:02:49 -0800
Subject: [PATCH] Use html_escape method instead of gsub
---
 app/models/topic.rb | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/app/models/topic.rb b/app/models/topic.rb
index 9a0e93d942e..19a3da5902e 100644
--- a/app/models/topic.rb
+++ b/app/models/topic.rb
@@ -249,13 +249,7 @@ class Topic < ActiveRecord::Base
 end
 def fancy_title
- sanitized_title = title.gsub(/['&\"<>]/, {
- "'" => ''',
- '&' => '&',
- '"' => '"',
- '<' => '<',
- '>' => '>',
- })
+ sanitized_title = ERB::Util.html_escape(title)
 return unless sanitized_title
 return sanitized_title unless SiteSetting.title_fancy_entities?
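Review bot: The guard `return unless sanitized_title` right after the added line is dead code, because `ERB::Util.html_escape` calls `to_s` on its argument and always returns a string, so a nil `title` now yields `""` and falls through to the fancy-entities path. If a missing title should short-circuit, test the input before escaping, e.g. `return unless title` ahead of `sanitized_title = ERB::Util.html_escape(title)`. Under ActiveSupport this helper also returns an html_safe buffer and passes input that is already marked html_safe through unescaped. It is worth confirming that `title` is always a plain String here and that the later transformations do not treat their output as trusted markup. A short comment such as `# html_escape never returns nil; the value is escaped text, not trusted HTML` would record that. The rest of `fancy_title` lies outside the hunk, so the downstream handling could not be checked from here.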