Summary: | REGRESSION node.innerHTML doesn't escape > in strings | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Bill Keese <bill> | ||||
Component: | DOM | Assignee: | Nobody <webkit-unassigned> | ||||
Status: | RESOLVED DUPLICATE | ||||||
Severity: | Normal | CC: | ap | ||||
Priority: | P2 | ||||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | All | ||||||
OS: | OS X 10.5 | ||||||
URL: | http://turtle.dojotoolkit.org/~bill/innerHTML.html | ||||||
Attachments: |
|
Description
Bill Keese
2008-03-25 21:44:47 PDT
Created attachment 20074 [details]
little test case. the alert should show > but instead shows >
We do escape '<' and '&' - what is the reason to escape '>'? (In reply to comment #2) > We do escape '<' and '&' - what is the reason to escape '>'? > Hmm, well I filed this ticket because it's causing one of our product's unit tests to fail (and since Safari 3.1's behavior was different than all other browsers I tested) but as far as practical issues, I can't think of anything... OK I will close the bug. Thank you for filing this bug - having seen it will make practical problems caused by this easier to recognize, if we ever encounter any. Not escaping '>' makes the code slightly faster, so I hesitate to "fix" this pre-emptively. Reopening to close as a duplicate - this was fixed, after all. |