Ticket #4719: 4719_4.patch
File 4719_4.patch, 1.6 KB (added by , 14 years ago) |
---|
-
_source/core/htmlparser/basicwriter.js
60 60 */ 61 61 attribute : function( attName, attValue ) 62 62 { 63 // Browsers don't always escape quote in attribute values. (#4683) 64 if ( typeof attValue == 'string' ) 65 attValue = attValue.replace( /"/g, '"' ); 63 // Browsers don't always escape special character in attribute values. (#4683, #4719). 64 if ( typeof attValue == 'string' ) { 65 attValue = attValue.replace( /"/g, '"' ).replace( /</g, '<' ).replace( />/, '>' ).replace( /'/, ''' ); 66 } 66 67 67 68 this._.output.push( ' ', attName, '="', attValue, '"' ); 68 69 }, -
_source/plugins/htmlwriter/plugin.js
175 175 if ( typeof attValue == 'string' ) 176 176 { 177 177 this.forceSimpleAmpersand && ( attValue = attValue.replace( /&/g, '&' ) ); 178 // Browsers don't always escape quote in attribute values. (#4683)179 attValue = attValue.replace( /"/g, '"' ) ;178 // Browsers don't always escape special character in attribute values. (#4683, #4719). 179 attValue = attValue.replace( /"/g, '"' ).replace( /</g, '<' ).replace( />/, '>' ).replace( /'/, ''' ); 180 180 } 181 181 182 182 this._.output.push( ' ', attName, '="', attValue, '"' );