--- lib/active_support/core_ext/string/output_safety.rb
+++ lib/active_support/core_ext/string/output_safety.rb
@@ -73,6 +73,7 @@ end
 
 module ActiveSupport #:nodoc:
   class SafeBuffer < String
+    UNSAFE_STRING_METHODS = ["capitalize", "chomp", "chop", "delete", "downcase", "gsub", "lstrip", "next", "reverse", "rstrip", "slice", "squeeze", "strip", "sub", "succ", "swapcase", "tr", "tr_s", "upcase"].freeze
     alias safe_concat concat
 
     def concat(value)
@@ -103,6 +104,18 @@ module ActiveSupport #:nodoc:
     def to_yaml(*args)
       to_str.to_yaml(*args)
     end
+
+    for unsafe_method in UNSAFE_STRING_METHODS
+      class_eval <<-EOT, __FILE__, __LINE__
+        def #{unsafe_method}(*args)
+          super.to_str
+        end
+
+        def #{unsafe_method}!(*args)
+          raise TypeError, "Cannot modify SafeBuffer in place"
+        end
+      EOT
+    end
   end
 end
 
--- test/safe_buffer_test.rb
+++ test/safe_buffer_test.rb
@@ -38,4 +38,16 @@ class SafeBufferTest < ActiveSupport::TestCase
     new_buffer = @buffer.to_s
     assert_equal ActiveSupport::SafeBuffer, new_buffer.class
   end
+
+  test "Should not return safe buffer from gsub" do
+    altered_buffer = @buffer.gsub('', 'asdf')
+    assert_equal 'asdf', altered_buffer
+    assert !altered_buffer.html_safe?
+  end
+
+  test "Should not allow gsub! on safe buffers" do
+    assert_raise TypeError do
+      @buffer.gsub!('', 'asdf')
+    end
+  end
 end