#6780 closed bug (invalid)
HTML/character entities not handled
Reported by: | kbwood | Owned by: | |
---|---|---|---|
Priority: | Milestone: | 1.4.3 | |
Component: | attributes | Version: | 1.4.2 |
Keywords: | Cc: | ||
Blocked by: | Blocking: |
Description
The attr and val functions don't handle/convert HTML and character entities. For example:
$('#input').attr({title: 'søntag'}).val('søntag');
shows this exact text instead of resolving ø to ø.
Change History (3)
comment:1 follow-up: 3 Changed 13 years ago by
Component: | unfiled → attributes |
---|---|
Resolution: | → invalid |
Status: | new → closed |
comment:2 Changed 12 years ago by
Instead of using HTML entities, use unicode. For example, instead of this:
$('input').val('Click here »');
Do this:
$('input').val('Click here \u00BB');
comment:3 Changed 9 years ago by
Please note that in the example or translating entities to text, using a div can be dangerous if decoding any sort of unsafe data (like user input), due to the possibility of XSS injection. It is generally safer (although not 100%) to use a textarea for this instead
$('<textarea />').html('søntag').text();
Replying to dmethvin:
This seems compatible with the behavior of the underlying DOM apis, so I don't think it's a bug:
$('input')[0].value = 'søntag'; $('input')[0].setAttribute('title', 'søntag');If you need to translate HTML entities to text, it's easy enough:
var text = $('<div />').html('søntag').text();
This seems compatible with the behavior of the underlying DOM apis, so I don't think it's a bug:
If you need to translate HTML entities to text, it's easy enough: