From 172c34a24fc7aac5c4e254f57ee0384f15202aea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eric=20Br=C3=A9chemier?= <eric@bezen.org>
Date: Mon, 20 Feb 2012 12:30:55 +0100
Subject: [PATCH] Bug fix: do not escape & in &#39; entity for apostrophe

The fix consists in adding #? in the negative look-ahead expected to reject
entity references:
  &          // character '&'
  (?!        // not followed by
    #?       //   an optional # (numerical entity), followed by
    \w+      //   a word, followed by
    ;        //   character ';'
  )

instead of
  &          // character '&'
  (?!        // not followed by
    \w+      //   a word, followed by
    ;        //   character ';'
  )
---
 mustache.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mustache.js b/mustache.js
index 28bed23..6259024 100644
--- a/mustache.js
+++ b/mustache.js
@@ -44,7 +44,7 @@ var Mustache = function () {
   };
 
   function escapeHTML(string) {
-    return String(string).replace(/&(?!\w+;)|[<>"']/g, function (s) {
+    return String(string).replace(/&(?!#?\w+;)|[<>"']/g, function (s) {
       return escapeMap[s] || s;
     });
   }