[thelist] Escaping quotes in a hidden input's value
Joshua Olson
joshua at waetech.com
Thu Jun 3 13:22:51 CDT 2004
> -----Original Message-----
> From: Tab Alleman
> Sent: Thursday, June 03, 2004 2:12 PM
>
> I didn't want to replace quotes with html entities, because then how
> will I know whether the original value was "Hi!" or "Hi!" ?
You'll know because if you properly escape "Hi!" it becomes
"Hi!"
At a minimum I recommend escape at least the following characters:
< > " &
Coincidentally enough, that's exactly the same characters that Cold Fusion's
HTMLEditFormat function encodes.
I'm sure there's a few more that SHOULD be escaped other than those in the
above list. Anybody have a definitive resource on which characters should
be encoded?
<><><><><><><><><><>
Joshua Olson
Web Application Engineer
WAE Tech Inc.
http://www.waetech.com/service_areas/
706.210.0168
More information about the thelist
mailing list