id summary reporter owner description type status priority milestone component version resolution keywords cc 9185 Inline javascript strings containing html become corrupt on edit Paul Aumer-Ryan "Related to ticket:7243, if my editor content contains protected elements (a, area, img, or input) embedded in a javascript string, ckEditor will try to protect their attributes (href, src, name), even if their quote delimiters are escaped. For example: ckEditor will change this: {{{ var link = ""Google""; }}} to this: {{{ var link = ""Google href=\""http://google.com\"">Google""; }}} Fix: the protectAttributes() parser (in htmldataprocessor/plugin.js) should ignore attributes with escaped delimiters. More specifically, line 291-292 (v3.6.4) should change from this: {{{ var protectElementRegex = /<(a|area|img|input)\b([^>]*)>/gi, protectAttributeRegex = /\b(on\w+|href|src|name)\s*=\s*(?:(?:""[^""]*"")|(?:'[^']*')|(?:[^ ""'>]+))/gi; }}} to this: {{{ var protectElementRegex = /<(a|area|img|input)\b([^>]*)>/gi, protectAttributeRegex = /\b(on\w+|href|src|name)\s*=\s*(?:(?:""[^""]*"")|(?:'[^']*')|(?:[^ ""'\\>]+))/gi; }}} (I just added an escaped backslash to that last non-capturing group in the regex.) I have tested this change on the following permutations, and the regex still correctly captures all but the last two links (which should be ignored because they are invalid anyway): {{{ Google Google Google Google Google Google }}} Thanks guys!" Bug closed Normal Core : Parser invalid Sa'ar Zac Elias