cool, thanks.Two patches, one for t/net/util.pl and one for src/modules/perl/Util.xs. Apply them from the root of the untarred source.
you know, the test compares the results of Apache::Util::escape_html() to HTML::Entities::encode, both of which do not translate ' into &apos by default.
some of us on modperl-dev had a discussion with Doug recently about expanding Apache::Util::escape_html() to do things like HTML::Entities (such as high-bit characters) and it was decided it was a bad idea.
see:
http://marc.theaimsgroup.com/?l=apache-modperl-cvs&m=101708056429561&w=2
and doug's reply:
http://marc.theaimsgroup.com/?l=apache-modperl-dev&m=101708105030300&w=2
namely "i had a bad feeling about this. we should not be implementing escape_html to begin with, the functionality should all be in apache."
so... I could work this up and submit it, but I doubt that it would make it in to core, especially since it goes above and beyond HTML::Entities (the standard AFAICT).
if you really need single quotes escaped, you could always change calls to Apache::Util::escape_html() to HTML::Entities::encode_entities() and pass it your special escapes:
use HTML::Entities qw(encode_entities);
my $bad = qq!some unescaped 'quotes'!;
my $good = encode_entities($bad, qq!'!);
print "$good\n";
HTH
--Geoff