#11343 closed bug (wontfix)
.html('<input value="<http://example.org/>" />') produces <input value="<http://example.org></http:>">
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | undecided | Milestone: | None |
| Component: | unfiled | Version: | 1.7.1 |
| Keywords: | Cc: | ||
| Blocked by: | Blocking: |
Description
Example:
<div id="reloadable"></div>
<script>
$('#reloadable').html('<input value="<http://example.org/>" />');
</script>
This corrupts the HTML snippet - it apparently tries to convert the "XML tag" attribute value to balanced pair of XML tags. However, this is an attribute value only, and jQuery shouldn't change that.
When I use
$('#reloadable')[0].innerHTML = '<input value="<http://example.org/>" />';
then it works. The issue above is problematic because .html is also used by the .load() function and I see no way to work around this effect.
Change History (3)
comment:1 Changed 7 years ago by
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
comment:2 Changed 7 years ago by
According to the W3C HTML validator, using <.../> unescaped inside of an attribute is valid. Also, Xalan produces this HTML when rendering a DOM tree to HTML. I therefore don't see why you simply close this as a wontfix.
If this is a built-in feature of jQuery to "clean up" HTML, then please provide an option to switch this off because my server already produces well-balanced HTML tags.
Also, could you give me a better work-around - not everyone has the luxury of changing the server side code when this is coming from the server via .load(). Thanks.
comment:3 Changed 7 years ago by
I have narrowed it down to the following line in jQuery:
rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[>]*)\/>/ig,
This regular expression should skip anything within "..." and '...' quotes so that only real tags are handled and not attribute values. Please reopen this bug.
Use: '<input value="<http://example.org/>" />'