From 80f16a4aaf26efe3b54ad731c4b0eafa6b1e8a9e Mon Sep 17 00:00:00 2001
From: pyoor <pyoor@users.noreply.github.com>
Date: Thu, 2 Aug 2018 14:26:17 -0400
Subject: [PATCH] Only escape minimal characters and allow HTML escapes

---
 lib/utils/common.js | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/utils/common.js b/lib/utils/common.js
index f9b3101..d30f0ed 100644
--- a/lib/utils/common.js
+++ b/lib/utils/common.js
@@ -30,11 +30,22 @@ class common extends utils {
     return list
   }
 
-  static quote (s) {
+  /**
+   * Escape and quote a string
+   * @param s {string} - String to be quoted
+   * @param html {boolean} - Identifies whether the string must be HTML safe
+   * @returns {*}
+   */
+  static quote (s, html = false) {
+    const options = {
+      minimal: true,
+      isScriptContext: html
+    }
+
     if (typeof s === 'string') {
-      return `'${jsesc(s)}'`
+      return `'${jsesc(s, options)}'`
     } else {
-      return jsesc(s)
+      return jsesc(s, options)
     }
   }