using a variable named "apos" in url

RESOLVED INVALID

Status

()

Firefox
General
RESOLVED INVALID
12 years ago
12 years ago

People

(Reporter: Lionel Capt, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

12 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3

Hi,

There is a problem when you submit a variable named "apos" as a second element in an URL. Firefox change this name to the char "apostroph". See this example:

<html>
<head>
</head>
<body>
<a href="test.php?aid=1&apos=2>test with aid=1 and apos=2</a>
</body>
</html>

When you click on this link, the url is translated to:

a href="test.php?aid=1'=2

it seem that Firefox don't check for the trailling ";" after the "&apos" and this is why it translate this variabe to the char "apostroph".

Regards,


Reproducible: Always

Comment 1

12 years ago
& should be encoded as &amp; in (X)HTML. If you do that, does it work?
opera851 interprets as &apos as &apos here; konq352 sees '. w3c-markup-validator sees the apos entity (but fails to find one, *shrug*). Anyway, there's no reason to write this in such an ambiguous way.
OS: Windows XP → All
See bug 223838 (especially comments #1, #2) for why Mozilla/Firefox doesn't require the semicolon at the ends of entities.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → INVALID
(Reporter)

Comment 4

12 years ago
ok, if i understand ( sorry for my bad english) my only choice is to never use form variable name like lt, gt, amp, quot or apos because they don't be correctly transmit by Firefox to my script. Right ?
no, you just need to express the literal & you want to see in the url correctly by its entity reference; see comment 1.
You need to log in before you can comment on or make changes to this bug.