Opened 18 years ago
Closed 18 years ago
#724 closed Bug (duplicate)
Apostrophes broken in FCKeditor.Java
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | Server : Java | Version: | |
| Keywords: | SF | Cc: | ickata@…, Frederico Caldeira Knabben | 
Description (last modified by )
In FCKeditor.Java version 2.3, in the file FCKeditor.java, the HTMLEncode method escapes apostrophes incorrectly. It uses ’, which is actually the Windows Cp1252 encoding of the right single quotation mark character (U+2019). Apostrophe is actually U+0027, or '.
The symptom is that when a text containing apostrophes is edited, the apostrophes are all converted to right single quotation marks at the time of rendering the editor.
My recommendation is to simply not escape apostrophes at all, since the output of this method is never placed inside apostrophes (it's used both as a double-quoted HTML attribute value and as the text content within an HTML element). Simply remove the following line from the HTMLEncode method:
txt=txt.replaceAll("'","’");
Moved from SF:
http://sourceforge.net/tracker/index.php?func=detail&aid=1478711&group_id=75348&atid=543653
Change History (2)
comment:1 Changed 18 years ago by
| Cc: | ickata@… Frederico Caldeira Knabben added | 
|---|---|
| Description: | modified (diff) | 
| Reporter: | changed from Martin Kou to jsampson@… | 
comment:2 Changed 18 years ago by
| Component: | General → Server : Java | 
|---|---|
| Resolution: | → duplicate | 
| Status: | new → closed | 
dup of #695


Hi Justin,
Confirmed. That line is not necessary and must be removed.
Best regards, Frederico Caldeira Knabben
http://www.fckeditor.net "Support Open Source Software... What about a donation today?"
Moved from SF. Original poster: fredck
No, ' isn't valid in HTML -- it's only valid in XML (including XHTML). It should be either ' or no replacement.
If you're having problems in MySQL, that's a totally separate issue. You should be escaping all strings at the time you put them into the query! Don't expect upstream libraries to do the wrong thing to fix brokenness in other parts of your code. What if there's an apostrophe in the text content of the HTML?
Moved from SF. Original poster: jsampson
Well, if it is not replaced it causes problems when inserting the string to a MySQL query. Now, in version 2.3 the APOSTROPHE is not encoded, so it causes problems. I think that it should be encoded to '
Moved from SF. Original poster: ickata