Add a single quote to the HTML set of characters that should be escaped.

gson/src/main/java/com/google/gson/Escaper.java

@@ -54,6 +54,7 @@ class Escaper {
     htmlEscapeSet.add('>');
     htmlEscapeSet.add('&');
     htmlEscapeSet.add('=');
+    htmlEscapeSet.add('\'');
  //   htmlEscapeSet.add('/');  -- Removing slash for now since it causes some incompatibilities
     HTML_ESCAPE_CHARS = Collections.unmodifiableSet(htmlEscapeSet);
   }
@@ -113,6 +114,9 @@ class Escaper {
          case '"':
            out.append('\\').append((char) codePoint);
            break;
+         case '\'':
+           out.append('\\').append((char) codePoint);
+           break;
          default:
            appendHexJavaScriptRepresentation(codePoint, out);
            break;
@@ -133,7 +137,7 @@ class Escaper {
 
   private static boolean isControlCharacter(int codePoint) {
     // JSON spec defines these code points as control characters, so they must be escaped
-    return codePoint < 0x20 
+    return codePoint < 0x20
         || codePoint == 0x2028  // Line separator
         || codePoint == 0x2029  // Paragraph separator
         || (codePoint >= 0x7f && codePoint <= 0x9f);

gson/src/test/java/com/google/gson/EscaperTest.java

@@ -59,11 +59,17 @@ public class EscaperTest extends TestCase {
     assertEquals("123\\t456", escapedString);
   }
 
-  public void testQuoteEscaping() throws Exception {
+  public void testDoubleQuoteEscaping() throws Exception {
     String containsQuote = "123\"456";
     String escapedString = escapeHtmlChar.escapeJsonString(containsQuote);
     assertEquals("123\\\"456", escapedString);
   }
+  
+  public void testSingleQuoteEscaping() throws Exception {
+    String containsQuote = "123'456";
+    String escapedString = escapeHtmlChar.escapeJsonString(containsQuote);
+    assertEquals("123\\'456", escapedString);
+  }
 
   public void testLineSeparatorEscaping() throws Exception {
     String src = "123\u2028 456";
@@ -138,7 +144,7 @@ public class EscaperTest extends TestCase {
 
   public void testSingleQuoteNotEscaped() throws Exception {
     String containsSingleQuote = "123'456";
-    String escapedString = escapeHtmlChar.escapeJsonString(containsSingleQuote);
+    String escapedString = noEscapeHtmlChar.escapeJsonString(containsSingleQuote);
     assertEquals(containsSingleQuote, escapedString);
   }
 

gson/src/test/java/com/google/gson/functional/EscapingTest.java

@@ -13,13 +13,21 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
 package com.google.gson.functional;
 
 import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
 import com.google.gson.common.TestTypes.BagOfPrimitives;
 
 import junit.framework.TestCase;
 
+/**
+ * Performs some functional test involving JSON output escaping.
+ *
+ * @author Inderjeet Singh
+ * @author Joel Leitch
+ */
 public class EscapingTest extends TestCase {
   private Gson gson;
 
@@ -47,4 +55,17 @@ public class EscapingTest extends TestCase {
     BagOfPrimitives expectedObject = gson.fromJson(jsonRepresentation, BagOfPrimitives.class);
     assertEquals(objWithPrimitives.getExpectedJson(), expectedObject.getExpectedJson());
   }
+  
+  public void testGsonAcceptsEscapedAndNonEscapedJsonDeserialization() throws Exception {
+    Gson escapeHtmlGson = new GsonBuilder().create();
+    Gson noEscapeHtmlGson = new GsonBuilder().disableHtmlEscaping().create();
+    
+    BagOfPrimitives target = new BagOfPrimitives(1L, 1, true, "test' / w'ith\" / \\ <script>");
+    String escapedJsonForm = escapeHtmlGson.toJson(target);
+    String nonEscapedJsonForm = noEscapeHtmlGson.toJson(target);
+    assertFalse(escapedJsonForm.equals(nonEscapedJsonForm));
+    
+    assertEquals(target, noEscapeHtmlGson.fromJson(escapedJsonForm, BagOfPrimitives.class));
+    assertEquals(target, escapeHtmlGson.fromJson(nonEscapedJsonForm, BagOfPrimitives.class));
+  }
 }