Sven Köhler wrote:
>
> > Perhaps this should be added to the $Server->HTMLEncode() regexp in
> > ASP.pm?
> >
> > s/\'/'/sg;
>
> i would go even further with:
> s/[^\w\s\n\r]/escpape($1)/ge
> or somethin like this.
While I think this kind of escaping is relevant to URLEncode(), I do
not think the white space needs character entity escaping via HTMLEncode().
I believe for example that if someone has something like this:
<input value="<%= $Server->HTMLEncode('some data
some more data') %>">
that this will work just fine because \n data is OK between
HTML attribute quotes.
--Josh
_________________________________________________________________
Joshua Chamas Chamas Enterprises Inc.
NodeWorks Founder Huntington Beach, CA USA
http://www.nodeworks.com 1-714-625-4051
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
