Solved

escape single quote mark

Posted on 2004-04-26
18
3,398 Views
Last Modified: 2008-02-26
when i escape a single quote mark (via ASP) in javascript, it still breaks (Ned's Test Project):

<A HREF="JavaScript:alert('Ned%27s+Test+Project')">click me</A>

when you click the "click me" link, it throws an error, evidently seeing the %27 as an actual single quote mark, becuase you get the identical behavior when you don't escape the character in the string.

is this a bug in javascript? is there a workaround?

I'm using IE 6.
0
Comment
Question by:SweatCoder
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
  • 4
18 Comments
 
LVL 33

Accepted Solution

by:
knightEknight earned 125 total points
ID: 10922560
<A HREF="#" onclick="alert('Ned\\'s+Test+Project');return false;">click me</A>
0
 
LVL 11

Author Comment

by:SweatCoder
ID: 10922598
ok, but why does javascript choke on a %27 as if it's an unescaped single quote mark?
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10922599
Better single escape character:

<A HREF="#" onclick="alert('Ned\'s+Test+Project');return false;">click me</A>


0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 63

Expert Comment

by:Zvonko
ID: 10922623
And for your %27 question, look into browser status bar, and you will see that you have three quotas.
0
 
LVL 11

Author Comment

by:SweatCoder
ID: 10922733
three quotas? i guess you mean 3 quotes? actually, no. in the status bar when i hover over the link i see a single quote, as if the status bar is unescaping the single quote to show me the real string.

still doesn't explain this strange behavior.
0
 
LVL 33

Expert Comment

by:knightEknight
ID: 10922746
If you still want to display it in the status bar, do this:

<A HREF="Ned's Test Project" onclick="alert('Ned\\'s+Test+Project');return false;">click me</A>
0
 
LVL 33

Expert Comment

by:knightEknight
ID: 10922751
anything you put in the href is ignored when you return false from the onclick.
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10927523
Hello  knightEknight,

you posted twice a syntactically incorrect single source code line.
So I suppose that you did not do that by accident.
Can you explain why you think that your line is correct?

0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10932046
Only for completeness here the corrected syntax of upper line:

<A HREF=":: Ned's Test Project" onClick="alert('Ned\'s Test Project');return false;">click me</A>


0
 
LVL 33

Expert Comment

by:knightEknight
ID: 10934146
actually, it did not work for me unless I put two back-slashes ... I don't know why, but I recognize that it defies convention.
0
 
LVL 11

Author Comment

by:SweatCoder
ID: 10934287
that's odd. the single slash works right for me:  ('Ned\'s Test Project')
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10935706
Ok, thanks for the feedback.
My intention was only not to let this PAQ with wrong solution.

Cheers,
Zvonko

0
 
LVL 11

Author Comment

by:SweatCoder
ID: 10939919
still no one has answered why javascript chokes on %27, as if it's the single quote itself rather than the escape code for the single quote.
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10940764
What answer do you expect?
Your web server writes %27 to the browser stream.
Depending in which context is that stram embeddit, it is interpreted as html tag entity or as script String constant.

<A HREF="JavaScript:alert('Ned\%27s+Test+Project')">click me</A>
<script>alert('Ned%27s+Test+Project')</script>


0
 
LVL 11

Author Comment

by:SweatCoder
ID: 10941090
the point is, i understand why js would break on an unescaped single quote inside a string surrounded by single quotes. i DO NOT understand why js would break on %27. it's got to be a bug in js.
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10941168
It breaks because at that point is %27 already translated to apostroph by html tag interpreter.
As you see in my upper second line is %27 NOT translated to apostrophe in script section context, only in html tag context.

0
 
LVL 11

Author Comment

by:SweatCoder
ID: 10941221
so, in other words, it's a bug.  :-)
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 10941374
I wonder how you got your MCP :/
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've been trying to accomplish this for a while and it just struck me yesterday how to accomplish this task. I have done searches all over the internet looking for ways to email pages from my applications and finally I have done it!!! Every single s…
Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question