[Wicket-user] Escaping quotes in attributes

Sven Meier Fri, 06 Jul 2007 15:26:58 -0700

I'm wondering about ComponentTag.writeOutput() [line653]:

      if (value != null)
      {
          response.write("=\"");
          value = Strings.replaceAll(value, "\"", "\\\"");
          response.write(value);
          response.write("\"");
      }


Shouldn't the escaping be something more sensible to the browser's 
xml/html parser:

      if (value != null)
      {
          response.write("=\"");
          value = Strings.replaceAll(value, "\"", "&#34;");
          response.write(value);
          response.write("\"");
      }

Sven

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Wicket-user mailing list
Wicket-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-user

[Wicket-user] Escaping quotes in attributes

Reply via email to