[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3402
  • Last Modified:

escape single quote mark

when i escape a single quote mark (via ASP) in javascript, it still breaks (Ned's Test Project):

<A HREF="JavaScript:alert('Ned%27s+Test+Project')">click me</A>

when you click the "click me" link, it throws an error, evidently seeing the %27 as an actual single quote mark, becuase you get the identical behavior when you don't escape the character in the string.

is this a bug in javascript? is there a workaround?

I'm using IE 6.
0
SweatCoder
Asked:
SweatCoder
  • 8
  • 6
  • 4
1 Solution
 
knightEknightCommented:
<A HREF="#" onclick="alert('Ned\\'s+Test+Project');return false;">click me</A>
0
 
SweatCoderAuthor Commented:
ok, but why does javascript choke on a %27 as if it's an unescaped single quote mark?
0
 
ZvonkoSystems architectCommented:
Better single escape character:

<A HREF="#" onclick="alert('Ned\'s+Test+Project');return false;">click me</A>


0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
ZvonkoSystems architectCommented:
And for your %27 question, look into browser status bar, and you will see that you have three quotas.
0
 
SweatCoderAuthor Commented:
three quotas? i guess you mean 3 quotes? actually, no. in the status bar when i hover over the link i see a single quote, as if the status bar is unescaping the single quote to show me the real string.

still doesn't explain this strange behavior.
0
 
knightEknightCommented:
If you still want to display it in the status bar, do this:

<A HREF="Ned's Test Project" onclick="alert('Ned\\'s+Test+Project');return false;">click me</A>
0
 
knightEknightCommented:
anything you put in the href is ignored when you return false from the onclick.
0
 
ZvonkoSystems architectCommented:
Hello  knightEknight,

you posted twice a syntactically incorrect single source code line.
So I suppose that you did not do that by accident.
Can you explain why you think that your line is correct?

0
 
ZvonkoSystems architectCommented:
Only for completeness here the corrected syntax of upper line:

<A HREF=":: Ned's Test Project" onClick="alert('Ned\'s Test Project');return false;">click me</A>


0
 
knightEknightCommented:
actually, it did not work for me unless I put two back-slashes ... I don't know why, but I recognize that it defies convention.
0
 
SweatCoderAuthor Commented:
that's odd. the single slash works right for me:  ('Ned\'s Test Project')
0
 
ZvonkoSystems architectCommented:
Ok, thanks for the feedback.
My intention was only not to let this PAQ with wrong solution.

Cheers,
Zvonko

0
 
SweatCoderAuthor Commented:
still no one has answered why javascript chokes on %27, as if it's the single quote itself rather than the escape code for the single quote.
0
 
ZvonkoSystems architectCommented:
What answer do you expect?
Your web server writes %27 to the browser stream.
Depending in which context is that stram embeddit, it is interpreted as html tag entity or as script String constant.

<A HREF="JavaScript:alert('Ned\%27s+Test+Project')">click me</A>
<script>alert('Ned%27s+Test+Project')</script>


0
 
SweatCoderAuthor Commented:
the point is, i understand why js would break on an unescaped single quote inside a string surrounded by single quotes. i DO NOT understand why js would break on %27. it's got to be a bug in js.
0
 
ZvonkoSystems architectCommented:
It breaks because at that point is %27 already translated to apostroph by html tag interpreter.
As you see in my upper second line is %27 NOT translated to apostrophe in script section context, only in html tag context.

0
 
SweatCoderAuthor Commented:
so, in other words, it's a bug.  :-)
0
 
ZvonkoSystems architectCommented:
I wonder how you got your MCP :/
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

  • 8
  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now