Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.756.2.91
diff -u -p -r1.756.2.91 common.inc
--- includes/common.inc	30 Jun 2010 11:14:14 -0000	1.756.2.91
+++ includes/common.inc	14 Jul 2010 00:30:40 -0000
@@ -2500,9 +2500,26 @@ function drupal_to_js($var) {
       return $var;
     case 'resource':
     case 'string':
-      return '"'. str_replace(array("\r", "\n", "<", ">", "&"),
-                              array('\r', '\n', '\x3c', '\x3e', '\x26'),
-                              addslashes($var)) .'"';
+      static $replace_pairs;
+
+      if (!isset($replace_pairs)) {
+        $replace_pairs = array(
+          '\\' => '\u005c',
+          '<' => '\u003c',
+          '>' => '\u003e',
+          '&' => '\u0026',
+          '"' => '\u0022',
+          '/' => '\u002f',
+          "'" => '\u0027',
+          "\xe2\x80\xa8" => '\u2028', // Line Separator
+          "\xe2\x80\xa9" => '\u2029', // Paragraph Separator
+        );
+        // Remaining unicode replacements.
+        for ($i = 0; $i < 32; $i++) {
+          $replace_pairs[chr($i)] = '\u00' . sprintf("%02s", dechex($i));
+        }
+      }
+      return '"'. strtr($var, $replace_pairs) .'"';
     case 'array':
       // Arrays in JSON can't be associative. If the array is empty or if it
       // has sequential whole number keys starting with 0, it's not associative