➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2009-06-21 06:51 by ericryk, last changed 2022-04-11 14:56 by admin. This issue is now closed.
| Messages (3) | |||
|---|---|---|---|
| msg89555 - (view) | Author: Eric (ericryk) | Date: 2009-06-21 06:51 | |
The line:
n.feed('<a onclick="alert(\\"test\\")">test</a>')
is not matched by the regular expressions for attributes.
|
|||
| msg89556 - (view) | Author: Eric (ericryk) | Date: 2009-06-21 07:05 | |
More specifically, the attributes cannot contain escaped quotes of the same kind that the attribute value is wrapped in. |
|||
| msg89558 - (view) | Author: Georg Brandl (georg.brandl) *  |
Date: 2009-06-21 09:50 | |
That snippet is not valid HTML. The attribute string is not a JS string, so quotes in it must be escaped with '"', not '\"'. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:50 | admin | set | github: 50567 |
| 2009-06-21 09:50:31 | georg.brandl | set | status: open -> closed nosy: + georg.brandl messages: + msg89558 resolution: wont fix |
| 2009-06-21 07:05:48 | ericryk | set | messages:
+ msg89556 title: HTMLParser Attributes Containing Javascript -> HTMLParser Attributes Containing Escaped Quotes |
| 2009-06-21 06:51:05 | ericryk | create | |