use escape-html module to escape html

Another util bites the dust.

lib/response.js

@@ -6,7 +6,7 @@ var http = require('http')
   , path = require('path')
   , connect = require('connect')
   , mixin = require('utils-merge')
-  , utils = connect.utils
+  , escapeHtml = require('escape-html')
   , sign = require('cookie-signature').sign
   , normalizeType = require('./utils').normalizeType
   , normalizeTypes = require('./utils').normalizeTypes
@@ -706,7 +706,7 @@ res.redirect = function(url){
     },
 
     html: function(){
-      var u = utils.escape(url);
+      var u = escapeHtml(url);
       body = '<p>' + statusCodes[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>';
     },
 

lib/utils.js

@@ -137,22 +137,6 @@ function acceptParams(str, index) {
   return ret;
 }
 
-/**
- * Escape special characters in the given string of html.
- *
- * @param  {String} html
- * @return {String}
- * @api private
- */
-
-exports.escape = function(html) {
-  return String(html)
-    .replace(/&/g, '&')
-    .replace(/"/g, '"')
-    .replace(/</g, '&lt;')
-    .replace(/>/g, '&gt;');
-};
-
 /**
  * Normalize the given path string,
  * returning a regular expression.

package.json

@@ -34,6 +34,7 @@
     "cookie-signature": "1.0.1",
     "merge-descriptors": "0.0.1",
     "utils-merge": "1.0.0",
+    "escape-html": "1.0.1",
     "debug": ">= 0.7.3 < 1"
   },
   "devDependencies": {

test/utils.js

@@ -41,10 +41,3 @@ describe('utils.flatten(arr)', function(){
       .should.eql(['one', 'two', 'three', 'four', 'five']);
   })
 })
-
-describe('utils.escape(html)', function(){
-  it('should escape html entities', function(){
-    utils.escape('<script>foo & "bar"')
-      .should.equal('&lt;script&gt;foo &amp; &quot;bar&quot;')
-  })
-})