The simple code block below can be served up in a static HTML page but results in a JavaScript error. How should you escape the embedded double quote in the onClick handler (i.e. \"xyz)? Note that the HTML is generated dynamically by pulling data from a database, the data of which is snippets of other HTML code that could have either single or double quotes. It seems that adding a single backslash ahead of the double quote character doesn't do the trick.

<script type="text/javascript">
    function parse(a, b, c) {
        alert(c);
    }
</script>

<a href="#x" onclick="parse('#', false, '<a href=\"xyz'); return false">Test</a>
+2  A: 

I think that the best approach is to assign the onclick handler unobtrusively.

Something like this:

window.onload = function () {
    // Look up the link by the id used in the markup below
    var myLink = document.getElementById('myLink');
    myLink.onclick = function () {
        parse('#', false, '<a href="xyz');
        return false;
    };
};

//...


<a href="#" id="myLink">Test</a>
CMS
+1  A: 

Did you try

\x22

in place of

\"

?

landon9720
I just tested this in FF3.6 and IE8 under a similar scenario and it didn't work. However replacing the " with &quot; did. I also tested the exact code above and it worked both ways. In short the \x22 does not appear to work under all scenarios and you should try &quot; in that event.
SpliFF
A: 

You may also want to try two backslashes (\\") to escape the escape character.

Mark A. Nicolosi
Classic. Stackoverflow ate one of your backslashes and displayed only the other one. I fixed it for you.
Nosredna
Oops, thanks. Wonder if that happened to the OP.
Mark A. Nicolosi
+2  A: 

While I agree with CMS about doing this in an unobtrusive manner (via a lib like jquery or dojo), here's what also works:

<script type="text/javascript">
    function parse(a, b, c) {
        alert(c);
    }
</script>

<a href="#x" onclick="parse('#', false, 'xyc&quot;foo');return false;">Test</a>

The reason it barfs is not because of JavaScript, it's because of the HTML parser. It has no concept of escaped quotes so it trundles along looking for the end quote and finds it and returns that as the onclick function. This is invalid javascript though so you don't find out about the error until JavaScript tries to execute the function.

seth
Downvote. You do NOT need a framework for something like this!
Charlie Somerville
+1 for "...
Greg
A: 

I am the original poster but google open ID had some problems (ok, I had some problems). Anyway, the \x22 substitution -- on the server side -- works well since the actual value needs to be retained (the alert call was just for example purposes). \x27 can also be substituted for the single quotes.

+2  A: 

It needs to be HTML-escaped, not Javascript-escaped. Change \" to &quot;.

Aseem Kishore
A: 

Hi Landon9720, Replacing double quotes with \x22 has worked for me too...But tested it only in IE6... Thanks for your info....

Raja
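
The two layers discussed in these answers, combined as an added example (not code from any poster): the database value is first escaped for the JavaScript string literal with \xHH sequences, then the whole handler is escaped for the HTML attribute. All function names and sample values are hypothetical, and simulateClick is a simplified stand-in for the browser's attribute parsing.

```javascript
// Layer 1: make the value safe inside a single-quoted JavaScript string literal.
// Everything except ASCII letters and digits becomes \xHH or \uHHHH.
function jsStringEscape(value) {
  return String(value).replace(/[^A-Za-z0-9]/g, function (ch) {
    var code = ch.charCodeAt(0);
    var hex = code.toString(16).toUpperCase();
    return code < 0x100
      ? '\\x' + ('0' + hex).slice(-2)
      : '\\u' + ('000' + hex).slice(-4);
  });
}

// Layer 2: make the complete handler safe inside a double-quoted attribute.
// The HTML parser decodes these entities before the JavaScript engine runs.
function htmlAttrEscape(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;');
}

// Build the link from the question; dbValue is untrusted data from the database.
function buildLink(dbValue) {
  var handler = "parse('#', false, '" + jsStringEscape(dbValue) + "'); return false";
  return '<a href="#x" onclick="' + htmlAttrEscape(handler) + '">Test</a>';
}

// Stand-in for the browser: read the attribute up to the next literal double
// quote, decode the entities, run the result as JS and capture parse()'s c.
function simulateClick(html) {
  var attr = /onclick="([^"]*)"/.exec(html)[1];
  var code = attr.replace(/&quot;/g, '"').replace(/&#39;/g, "'")
    .replace(/&lt;/g, '<').replace(/&gt;/g, '>').replace(/&amp;/g, '&');
  var seen;
  new Function('parse', code)(function (a, b, c) { seen = c; });
  return seen;
}

// Constructed sample: the snippet from the question.
var sample = '<a href="xyz';
console.log(buildLink(sample));
console.log(simulateClick(buildLink(sample)) === sample);
```

Applying only layer 1 or only layer 2 leaves the other parser exposed to quotes in the data, which is why the backslash alone failed in the question.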