diff --git a/mustache.js b/mustache.js index cad9ebb..90c2e07 100644 --- a/mustache.js +++ b/mustache.js @@ -58,7 +58,6 @@ } var entityMap = { - '&': '&', '<': '<', '>': '>', '"': '"', @@ -67,11 +66,10 @@ '`': '`', '=': '=' }; - - function escapeHtml (string) { - return String(string).replace(/[&<>"'`=\/]/g, function fromEntityMap (s) { - return entityMap[s]; - }); + function escapeHtml(string) { + return String(string) + .replace(/[<>"'\/]/g, function (s) { return entityMap[s]; }) + .replace(/&(?![A-Za-z0-9#][A-Za-z0-9]+;)+/g, '&'); } var whiteRe = /\s*/;