Closed Bug 212805 Opened 22 years ago Closed 22 years ago

[FIX]Quotes stripped too much from attr values in innerHTML (nsHTMLFragmentSink)

Categories

(Core :: DOM: HTML Parser, defect, P2)

Product:
Core
Component:
DOM: HTML Parser
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.5beta

People

(Reporter: jlim, Assigned: bzbarsky)

Details

(Keywords: testcase)

Attachments

(2 files)

Extended testcase
765 bytes, text/html
Details
Sync up the fragment sink with the HTML sink
5.32 KB, patch
john
: review+
jst
: superreview+
Details | Diff | Splinter Review
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 In the following HTML, the first INPUT should have initial value "hello" (quotes included), but on Moz 1.4, the quote characters are stripped out!! <body onload="init()"> <form name=f> </form> <form name=g> </form> <script> <!-- function init() { document.f.innerHTML = "<input name=b value='&quot;hello&quot;'>"; document.g.innerHTML = "<input name=b value='&quot;hello&quot; '>"; } --> </script> </body> Reproducible: Always Steps to Reproduce: 1. Open up the above HTML 2. 3. Actual Results: You see one input box with value: hello You see the second input box with value: "hello" Expected Results: The first input box should have quote characters, like "hello"
Confirmed. Not entirely certain how innerHTML works, but the testcase I'm about to attach shows that character references and a "high" Unicode general entity reference work. This might be related to bug 177863.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: testcase
Summary: Quotes are stripped out of INPUT values. → General entity recognition problems in innerHTML parsing
Comment on attachment 127837 [details] [diff] [review] Sync up the fragment sink with the HTML sink we need to actually share these functions someday, but updating them is a happy thing for now.
Attachment #127837 - Flags: review+
Taking. Putting summary back to something relevant to this bug.
Assignee: harishd → bzbarsky
OS: Windows 2000 → All
Priority: -- → P2
Hardware: PC → All
Summary: General entity recognition problems in innerHTML parsing → Quotes stripped too much from attr values in innerHTML (nsHTMLFragmentSink)
Target Milestone: --- → mozilla1.5beta
Summary: Quotes stripped too much from attr values in innerHTML (nsHTMLFragmentSink) → [FIX]Quotes stripped too much from attr values in innerHTML (nsHTMLFragmentSink)
Attachment #127837 - Flags: superreview?(jst)
Comment on attachment 127837 [details] [diff] [review] Sync up the fragment sink with the HTML sink How about making AddAttributes() in the content sink a non-static non-member function and calling that from here? And while you're at it, take out the call to HasAttr() before setting the attrs. That's wrong, and costly. Any interest, or would you prefere to do that in a separate patch?
> And while you're at it, take out the call to HasAttr() before setting the attrs. > That's wrong, and costly. And unfortunately needed for IE compat, as far as I can tell. Check what IE does on this markup: <input value="foo" value="bar"> I'd rather leave content sink refactoring for another patch, especially since peterv is already working on something like that....
Hmm, I've been misinformed then (re the double attributes)...
Comment on attachment 127837 [details] [diff] [review] Sync up the fragment sink with the HTML sink sr=jst
Attachment #127837 - Flags: superreview?(jst) → superreview+
Well, it's possible that I've been misinformed too -- I have no way to test IE if you recall... ;) I just had some people on #mozilla retest that <input value="foo" value="bar"> case, though, and IE 5.5 and IE 6 both show "foo". Anyway, bug 213347 filed on the HasAttr issue with a proposed fix; this patch is checked in.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: