Closed Bug 283746 Opened 20 years ago Closed 20 years ago

escaped quotes broken

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: mozilla, Assigned: bugzilla)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 In the example page listed, the following input field declaration: Text field: <input name=stuff type=text size=50 value="This is some \"pre-filled\", quoted data"> Gets rendered as: Text field: <input name=stuff type=text size=50 value="This is some \"pre-filled\, quoted data> Reproducible: Always Steps to Reproduce: 1. See the example page 2. 3. Expected Results: Properly handled the escapes so that all of the text was entered into the input field.
On further research, it looks like in someone's infinite wisdom, escaping is not part of the html spec. From "http://www.w3schools.com/html/html_elements.asp": In some rare situations, like when the attribute value itself contains quotes, it is necessary to use single quotes: name='John "ShotGun" Nelson' I still consider it a bug, but apparently it's a bug in HTML, not in Firefox...
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
If you are using a string with quotes for the name attribute you are shooting yourself in the foot and I don't think it's actually valid (didn't check the specs though). To use a string with quotes in the value attribute use html entities: value="this &quot;is a&quot; test"
Thanks, I forgot about that and it seems to do the right thing (i.e. it's not ending up getting into the data in the database).
You need to log in before you can comment on or make changes to this bug.