SweatCoder
asked on
escape single quote mark
when i escape a single quote mark (via ASP) in javascript, it still breaks (Ned's Test Project):
<A HREF="JavaScript:alert('Ne d%27s+Test +Project') ">click me</A>
when you click the "click me" link, it throws an error, evidently seeing the %27 as an actual single quote mark, becuase you get the identical behavior when you don't escape the character in the string.
is this a bug in javascript? is there a workaround?
I'm using IE 6.
<A HREF="JavaScript:alert('Ne
when you click the "click me" link, it throws an error, evidently seeing the %27 as an actual single quote mark, becuase you get the identical behavior when you don't escape the character in the string.
is this a bug in javascript? is there a workaround?
I'm using IE 6.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Better single escape character:
<A HREF="#" onclick="alert('Ned\'s+Tes t+Project' );return false;">click me</A>
<A HREF="#" onclick="alert('Ned\'s+Tes
And for your %27 question, look into browser status bar, and you will see that you have three quotas.
ASKER
three quotas? i guess you mean 3 quotes? actually, no. in the status bar when i hover over the link i see a single quote, as if the status bar is unescaping the single quote to show me the real string.
still doesn't explain this strange behavior.
still doesn't explain this strange behavior.
If you still want to display it in the status bar, do this:
<A HREF="Ned's Test Project" onclick="alert('Ned\\'s+Te st+Project ');return false;">click me</A>
<A HREF="Ned's Test Project" onclick="alert('Ned\\'s+Te
anything you put in the href is ignored when you return false from the onclick.
Hello knightEknight,
you posted twice a syntactically incorrect single source code line.
So I suppose that you did not do that by accident.
Can you explain why you think that your line is correct?
you posted twice a syntactically incorrect single source code line.
So I suppose that you did not do that by accident.
Can you explain why you think that your line is correct?
Only for completeness here the corrected syntax of upper line:
<A HREF=":: Ned's Test Project" onClick="alert('Ned\'s Test Project');return false;">click me</A>
<A HREF=":: Ned's Test Project" onClick="alert('Ned\'s Test Project');return false;">click me</A>
actually, it did not work for me unless I put two back-slashes ... I don't know why, but I recognize that it defies convention.
ASKER
that's odd. the single slash works right for me: ('Ned\'s Test Project')
Ok, thanks for the feedback.
My intention was only not to let this PAQ with wrong solution.
Cheers,
Zvonko
My intention was only not to let this PAQ with wrong solution.
Cheers,
Zvonko
ASKER
still no one has answered why javascript chokes on %27, as if it's the single quote itself rather than the escape code for the single quote.
What answer do you expect?
Your web server writes %27 to the browser stream.
Depending in which context is that stram embeddit, it is interpreted as html tag entity or as script String constant.
<A HREF="JavaScript:alert('Ne d\%27s+Tes t+Project' )">click me</A>
<script>alert('Ned%27s+Tes t+Project' )</script>
Your web server writes %27 to the browser stream.
Depending in which context is that stram embeddit, it is interpreted as html tag entity or as script String constant.
<A HREF="JavaScript:alert('Ne
<script>alert('Ned%27s+Tes
ASKER
the point is, i understand why js would break on an unescaped single quote inside a string surrounded by single quotes. i DO NOT understand why js would break on %27. it's got to be a bug in js.
It breaks because at that point is %27 already translated to apostroph by html tag interpreter.
As you see in my upper second line is %27 NOT translated to apostrophe in script section context, only in html tag context.
As you see in my upper second line is %27 NOT translated to apostrophe in script section context, only in html tag context.
ASKER
so, in other words, it's a bug. :-)
I wonder how you got your MCP :/
ASKER