Comment #10 on issue 2217 by [email protected]: HTML extensions to
String.prototype shouldn’t escape ', < and > in argument values; only "
http://code.google.com/p/v8/issues/detail?id=2217
Just to clarify something:
the behavior after the change is not yet supported by any browser
Actually, the behavior after the change is already supported by all
browsers. The only difference is that V8 (correctly) escapes " into "
for security reasons, while other browsers don’t do that yet — but that’s
unrelated to this issue/patch.
For example, try this in any browser/engine except IE:
'_'.link('<\'>') === "<a href=\"<'>\">_</a>"; // true
Note that in IE, it’s `false` only because they uppercase the tag and
attribute names (https://connect.microsoft.com/IE/feedback/details/752283).
As far as escaping of <, > and ' is concerned, IE does the exact same thing
as other browsers.
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
