Fix: single quote in name are not escaped.

lib/action_view/encoded_mail_to/mail_to_with_encoding.rb

@@ -2,6 +2,7 @@
 module ActionView
   module EncodedMailTo
     module MailToWithEncoding
+      include ActionView::Helpers::JavaScriptHelper
       # Creates a mailto link tag to the specified +email_address+, which is
       # also used as the name of the link unless +name+ is specified. Additional
       # HTML attributes for the link can be passed in +html_options+.
@@ -73,6 +74,7 @@ def _mail_to_with_encoding(email_address, name = nil, html_options = {}, &block)
 
           case encode
           when "javascript"
+            name = escape_javascript(name) if name
             string = ''
             set_attributes = ''
             html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe).each_pair do |option_name,value|

test/test_actionview-encoded_mail_to.rb

@@ -153,4 +153,10 @@ def test_mail_to_returns_html_safe_string
     assert mail_to("me@domain.com", "My email", encode: "hex").html_safe?
   end
 
+  def test_escapes_single_quote_in_link_text
+    assert_match(
+      /<script id=\"mail_to-\S+\">eval\(decodeURIComponent\('%76%61%72%20%73%63%72%69%70%74%20%3d%20%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%27%6d%61%69%6c%5f%74%6f%2d\S+%27%29%3b%76%61%72%20%61%20%3d%20%64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74%28%27%61%27%29%3b%61%2e%73%65%74%41%74%74%72%69%62%75%74%65%28%27%68%72%65%66%27%2c%20%27%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%27%29%3b%61%2e%61%70%70%65%6e%64%43%68%69%6c%64%28%64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%54%65%78%74%4e%6f%64%65%28%27%4d%79%20%5c%27%65%6d%61%69%6c%5c%27%27%29%29%3b%73%63%72%69%70%74%2e%70%61%72%65%6e%74%4e%6f%64%65%2e%69%6e%73%65%72%74%42%65%66%6f%72%65%28%61%2c%73%63%72%69%70%74%29%3b'\)\)<\/script>/,
+      mail_to("me@domain.com", "My 'email'", encode: "javascript")
+    )
+  end
 end