Opened 12 years ago

Last modified 12 years ago

#8808 confirmed Bug

Non ASCII characters are not being changed to entities in HTML attributes- except for the basic ones

Reported by: Jakub Ś Owned by:
Priority: Normal Milestone:
Component: General Version: 3.0
Keywords: Cc:

Description

Paste in the below code in source mode and then switch to WYSIWYG and back to source:

<img alt="This is a test to see how ckeditor handles alt tags with curly quotes &>< other characters. What's going to happen? What’s going to Й  happen with this curly apostrophe." src="/images/test.jpg" style="width: 50px; height: 50px; " />

Notice that basic characters like & > < ” are encoded but ', Й and all other non ASCII are not. What is more even setting the config.entities_additional = '#39,#0146',#1049; will not help. Attribute values are left untouched.

One proposed solution was that perhaps config.entities should be “extended” to support attributes.

Change History (4)

comment:1 Changed 12 years ago by Jakub Ś

Status: newconfirmed

comment:2 Changed 12 years ago by Jakub Ś

#8786 was marked as duplicate.

comment:3 Changed 12 years ago by Matti Järvinen

Hmm... I believe this is bogus check with w3c validator http://validator.w3.org/check

Only < > & " characters should be escaped. ' is valid character within attribute value and so is every other character too if the document is UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test</title>
</head>
<body>
<p>
<img alt="This is a test ” to see how ckeditor handles alt tags with curly quotes  other characters. What's going to happen? What’s going to Й  happen with this curly apostrophe." src="/images/test.jpg"  /></p>
</body>
</html>

Still config.entities, config.entities_latin, config.entities_additional should be applied here too but if config.entities = false any escaping other than required by XML/XHTML spec must not be done.

comment:4 Changed 12 years ago by Matti Järvinen

Forgot these config options:

CKEDITOR.config.entities_processNumerical (always numerical entities defaults to false) CKEDITOR.config.entities_greek

Note: See TracTickets for help on using tickets.
© 2003 – 2022, CKSource sp. z o.o. sp.k. All rights reserved. | Terms of use | Privacy policy