Skip to main content

Bug Tracker

Side navigation

#6429 closed bug (wontfix)

Opened April 13, 2010 08:25AM UTC

Closed November 10, 2010 12:31AM UTC

Selector problem: elements with "<" and ">" with backslash escaping aren't selected

Reported by: mriver Owned by:
Priority: undecided Milestone: 1.4.3
Component: selector Version: 1.4.2
Keywords: selector escape meta character Cc:
Blocked by: Blocking:

According with official API reference, I escaped "<" and ">" characters in jQuery selector block.

As expected "#foo>" and "#<bar" are selected, but "#<buz>" isn't.

Mysteriously, "#>qux<" is selected correctly.

This would be replicated in following code:

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' ''>
<html xmlns='' xml:lang='en'>
    <meta http-equiv='Content-Type' content='text/html;charset=UTF-8' />
    <script type='text/javascript' src=''></script>
    <title>Selector Escaping</title>
    <script type='text/javascript'>
           $('#foo\\\\>').css('background', '#99ff99');       // OK
           $('#\\\\<bar').css('background', '#99ff99');       // OK
           $('#\\\\<buz\\\\>').css('background', '#99ff99');    // NG
           $('#\\\\>qux\\\\<').css('background', '#99ff99');    // OK
    <div id='foo>'>#foo></div>
    <div id='<bar'>#<bar</div>
    <div id='<buz>'>#<buz></div>
    <div id='>qux<'>#>qux<</div>
Attachments (0)
Change History (1)

Changed November 10, 2010 12:31AM UTC by dmethvin comment:1

priority: → undecided
resolution: → wontfix
status: newclosed

This is due to the documented behavior of the


If a string is passed as the parameter to $(), jQuery examines the string to see if it looks like HTML (i.e., it has <tag ... > somewhere within the string). If not, the string is interpreted as a selector expression, as explained above. --

This case looks more like an exploit than a legitimate page. ID attributes can't contain either < or > characters.