--- /dev/null
+define(['../lang/toString'], function(toString) {
+
+ /**
+ * Escapes a string for insertion into HTML.
+ */
+ function escapeHtml(str){
+ str = toString(str)
+ .replace(/&/g, '&')
+ .replace(/</g, '<')
+ .replace(/>/g, '>')
+ .replace(/'/g, ''')
+ .replace(/"/g, '"');
+ return str;
+ }
+
+ return escapeHtml;
+
+});