/// HTML-escape a string for safe interpolation into element content or attributes.
///
/// Escapes all five HTML-significant characters: `& < > " '`.
pub(crate) fn html_escape(s: &str) -> String {
    s.replace('&', "&amp;")
        .replace('<', "&lt;")
        .replace('>', "&gt;")
        .replace('"', "&quot;")
        .replace('\'', "&#x27;")
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn escapes_all_five_chars() {
        assert_eq!(
            html_escape("A & B < C > D \" E ' F"),
            "A &amp; B &lt; C &gt; D &quot; E &#x27; F"
        );
    }

    #[test]
    fn no_change_for_safe_string() {
        assert_eq!(html_escape("hello world"), "hello world");
    }

    #[test]
    fn empty_string() {
        assert_eq!(html_escape(""), "");
    }
}