1 files changed, 4 insertions, 3 deletions

diff --git a/lib/rdoc/servlet.rb b/lib/rdoc/servlet.rb
index f2d6dd5adc..79550fe63b 100644
--- a/lib/rdoc/servlet.rb
+++ b/lib/rdoc/servlet.rb
@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 require 'rdoc'
+require 'erb'
 require 'time'
 require 'json'
 require 'webrick'
@@ -111,7 +112,7 @@ class RDoc::Servlet < WEBrick::HTTPServlet::AbstractServlet
   # GET request entry point.  Fills in +res+ for the path, etc. in +req+.
 
   def do_GET req, res
-    req.path = req.path.sub(/^#{Regexp.escape @mount_path}/o, '') if @mount_path
+    req.path.sub!(/^#{Regexp.escape @mount_path}/o, '') if @mount_path
 
     case req.path
     when '/' then
@@ -427,14 +428,14 @@ version.  If you're viewing Ruby's documentation, include the version of ruby.
       end
 
       raise WEBrick::HTTPStatus::NotFound,
-            "Could not find gem \"#{source_name}\". Are you sure you installed it?" unless ri_dir
+            "Could not find gem \"#{ERB::Util.html_escape(source_name)}\". Are you sure you installed it?" unless ri_dir
 
       store = RDoc::Store.new ri_dir, type
 
       return store if File.exist? store.cache_path
 
       raise WEBrick::HTTPStatus::NotFound,
-            "Could not find documentation for \"#{source_name}\". Please run `gem rdoc --ri gem_name`"
+            "Could not find documentation for \"#{ERB::Util.html_escape(source_name)}\". Please run `gem rdoc --ri gem_name`"
 
     end
   end