How to HTML encode/escape a string? Is there a built-in?

Checkout the Ruby CGI class. There are methods to encode and decode HTML as well as URLs.

CGI::escapeHTML('Usage: foo "bar" <baz>')
# => "Usage: foo &quot;bar&quot; &lt;baz&gt;"

The h helper method:

<%=h "<p> will be preserved" %>