From b06af5a44f47ec6cf5f203e8eb318868eac0ae86 Mon Sep 17 00:00:00 2001
From: Pat Hawks <pat@pathawks.com>
Date: Mon, 21 Mar 2016 11:07:46 -0700
Subject: [PATCH 1/2] Use encode for xml_escape filter

---
 lib/jekyll/filters.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/jekyll/filters.rb b/lib/jekyll/filters.rb
index 183c9c58..02523d9c 100644
--- a/lib/jekyll/filters.rb
+++ b/lib/jekyll/filters.rb
@@ -117,7 +117,7 @@ module Jekyll
     #
     # Returns the escaped String.
     def xml_escape(input)
-      CGI.escapeHTML(input.to_s)
+      input.to_s.encode(:xml => :attr).gsub(/\A"|"\Z/, "")
     end
 
     # CGI escape a string for use in a URL. Replaces any special characters
@@ -308,7 +308,7 @@ module Jekyll
     #
     # Returns a String representation of the object.
     def inspect(input)
-      CGI.escapeHTML(input.inspect)
+      xml_escape(input.inspect)
     end
 
     private

From aeecbd741f5a6ed6e36f37ef7b4a1b30012ea9bf Mon Sep 17 00:00:00 2001
From: Pat Hawks <pat@pathawks.com>
Date: Mon, 21 Mar 2016 15:45:29 -0700
Subject: [PATCH 2/2] Add test to inspect strings

---
 test/test_filters.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test/test_filters.rb b/test/test_filters.rb
index de59bc02..4ded0cd6 100644
--- a/test/test_filters.rb
+++ b/test/test_filters.rb
@@ -394,6 +394,10 @@ class TestFilters < JekyllUnitTest
       should "return a HTML-escaped string representation of an object" do
         assert_equal "{&quot;&lt;a&gt;&quot;=&gt;1}", @filter.inspect({ "<a>" => 1 })
       end
+
+      should "quote strings" do
+        assert_equal "&quot;string&quot;", @filter.inspect("string")
+      end
     end
 
     context "slugify filter" do