[thelist] Escaping quotes in a hidden input's value

[Tab Alleman]

Joshua Olson wrote:
>> -----Original Message-----
>> From: Tab Alleman
>> Sent: Thursday, June 03, 2004 1:32 PM
>> 
>> Joshua Olson wrote:
>> 
>>> Try switching the outside quotes to single quotes:
>>> 
>>> <input type="hidden" name="Title" value='"I Loved It!"'>
>> 
>> 1)  Is this xHTML compliant?
> 
> No.  The only way to make it compliant is to escape the quotes... a
> technique you've already indicated an aversion to  :-)  There's
> simply no pleasing some people.
> 
>> 2)  What if I want <input type="hidden" name="Title" value='"It's The
>> Bomb!"'>?  Then don't I have to escape the single-quote?  How would
>> I do that? 
>> 
>> 3)  I'd really rather not break my own coding convention of
>> property="value" if I can possibly avoid it.
> 
> It may be time to start escaping.

Actually, pursuing Scott's idea of URLEncoding and Decoding led me to
the discovery of ASP/VBScript's Escape() and Unescape() functions, which
might actually do the trick.

I didn't want to replace quotes with html entities, because then how
will I know whether the original value was "Hi!" or &quot;Hi!&quot; ?

But I'm willing to take a chance that the original text didn't contain
any %Hex data....if I must.