No commit activity in last 3 years
No release in over 3 years

erb_safe_ext

Adds an escaping output tag to ERB to protect templates against XSS.

Changing the behaviour of ERB's original <%= tag is not always desirable, so this gem instead adds a separate <%~ tag whose output is HTML-escaped; <%= is left untouched.

Install

$ gem install erb_safe_ext

Introduction

The <%~ tag HTML-escapes its output; the original <%= tag is unchanged and still emits raw output. Lines starting with ## show the rendered result:

<%~ "<script>alert('safety:)');</script>" %>
## &lt;script&gt;alert(&#39;safety:)&#39;);&lt;/script&gt;
<%= "<script>alert('danger!');</script>" %>
## <script>alert('danger!');</script>

Test code

require 'erb_safe_ext'
# <%~ escapes its output; <%= is stock ERB and emits the string as-is.
template = ERB.new <<-EOF
<%~ "<script>alert('safety:)');</script>" %>
<%= "<script>alert('danger!');</script>" %>
----finish----
EOF
puts template.result

README for versions <= 1.0.4

Introduction

<%= "<script>alert('safety:)');</script>" %>
## &lt;script&gt;alert(&#39;safety:)&#39;);&lt;/script&gt;

In these versions the <%= tag itself is changed: its output is wrapped in ERB::Util.html_escape(code) by default, so untrusted values are escaped unless you opt out.

Works with Ruby 2.0.

The <%== tag keeps ERB's original, unescaped <%= behaviour, for output that is already trusted HTML:

<%== "<script>alert('danger!');</script>" %>
## <script>alert('danger!');</script>

Test code

require 'erb_safe_ext'
# <%= is escaped by default in these versions; <%== emits raw output;
# <%# ... %> is an ERB comment and produces nothing.
template = ERB.new <<-EOF
<%= "<script>alert('safety:)');</script>" %>
<%#= 'here' -%>
<%== "<script>alert('danger!');</script>" %>
----finish----
EOF
puts template.result
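The two designs above (a separate escaping tag next to stock <%=, and the <= 1.0.4 design of escaping <%= by default with a raw escape hatch) can be reproduced with nothing but the standard-library ERB. The following is an added example, not erb_safe_ext's own code: it relies on the fact that ERB::Compiler emits insert_cmd((expr).to_s) for every <%= %> tag, so replacing insert_cmd is enough to wrap all template output in an escaper. The class and method names (TrustedHtml, SafeERB, AutoEscapeERB, Greeting, raw) are hypothetical, and the sample input is constructed.

```ruby
require 'erb'

# Added example, not erb_safe_ext's code. All names are hypothetical.

# Marker for strings that are already safe HTML. to_s returns self so the
# marker survives the `(expr).to_s` that ERB's generated code applies
# before handing the value to insert_cmd.
class TrustedHtml < String
  def to_s
    self
  end
end

module SafeERB
  # Escape everything that is not explicitly marked as trusted HTML.
  def self.escape(value)
    value.is_a?(TrustedHtml) ? value : ERB::Util.html_escape(value)
  end
end

# ERB whose <%= %> tag escapes by default, like the <= 1.0.4 design.
# <% %> code tags are unaffected; only the output command changes.
class AutoEscapeERB < ERB
  def set_eoutvar(compiler, eoutvar = '_erbout')
    super
    # Stock ERB sets insert_cmd to "_erbout.<<"; this makes every <%= %>
    # compile to `_erbout << SafeERB.escape((expr).to_s)`.
    compiler.insert_cmd = "#{eoutvar} << SafeERB.escape"
  end
end

# A page object whose methods are visible to the template through binding.
class Greeting
  TEMPLATE = <<~HTML
    <p>Hello, <%= name %></p>
    <p><%= raw(footer_html) %></p>
  HTML

  attr_reader :name, :footer_html

  def initialize(name, footer_html)
    @name = name               # untrusted, e.g. taken from a query parameter
    @footer_html = footer_html # trusted markup produced by the application
  end

  # Opt-out hatch playing the role of the gem's unescaped tag: mark a string
  # as trusted HTML so AutoEscapeERB emits it unchanged.
  def raw(html)
    TrustedHtml.new(html.to_s)
  end

  # Escaping by default: the injected script tag comes out as entities.
  def render_safe
    AutoEscapeERB.new(TEMPLATE).result(binding)
  end

  # Stock ERB on the same template for comparison: the script tag is reflected.
  def render_unsafe
    ERB.new(TEMPLATE).result(binding)
  end
end

if $PROGRAM_NAME == __FILE__
  page = Greeting.new("<script>alert('danger!')</script>", "<b>footer</b>")
  puts page.render_unsafe
  puts page.render_safe
end
```

The opt-out is deliberately a type rather than a second tag: a value only bypasses escaping when the code that produced it wrapped it in raw(), so an untrusted string cannot slip through by being placed in the wrong tag. Note that TrustedHtml must override to_s, because String#to_s on a subclass instance would otherwise return a plain String and drop the marker.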

About Sinatra

Works with Sinatra (tested with 1.4.4), but do not do the following, because Sinatra renders templates through Tilt, and once Erubis is loaded Tilt uses it for .erb templates instead of the patched ERB, so the escaping is no longer applied:

  1. require 'erubis'

  2. add gems that depend on erubis, such as better_errors (check Gemfile.lock to find all transitive dependencies)

Sinatra exception template

The original Sinatra exception template renders badly with erb_safe_ext, so this gem ships a rewritten one; require it after Sinatra:

require 'sinatra/base'
require 'erb_safe_ext/sinatra/exception_template'