tags:

views:

4933

answers:

4
+5  Q: 

How do I escape an ampersand in a javascript string so that the page will validate strict?

I am trying to pass a dataString to to an ajax call using JQuery. In the call, I construct the get parameters and then send them to the php page on the receiving end. The trouble is that the data string has ampersands in them and the HTML strict validator is chocking on it.

Here is the code:

$(document).ready(function(){
 $("input#email").focus();
 $('#login_submit').submit(function(){
  var username = $('input#email').val();
  var password = $('input#password').val();
  var remember = $('input#remember').attr("checked");
  var dataString = "email="+username+"&password="+password+"&remember="+remember;
  $.post('login.php', dataString, function(data) {
   if (data == 'Login Succeeded.') {
    location.reload(true);
   } else {
    $("input#email").focus();
    $("#login_msg").html(data).effect("pulsate", {times: 2}, 1000); 
   }
  });   
  return false;
 });
});

and here is an example of the validator message: cannot generate system identifier for general entity "password".

var dataString = "email="+username+"&password="+password+"&remember="+rememb…

(in the validator the "p" after the first ampersand is marked red indicating the point of the failure).

+9  A: 

Try putting your javascript inside a CDATA block like this:

<script type="text/javascript">
<![CDATA[
// content of your Javascript goes here
]]>
</script>

which should make it pass validation. To be extra safe you can add Javascript comments around the CDATA tags to hide them from older browsers who don't understand the CDATA tag:

<script type="text/javascript">
/* <![CDATA[ */
// content of your Javascript goes here
/* ]]> */
</script>
Marc Novakowski  2008-12-10 04:04:08
Strelok  2008-12-10 04:12:21
That was perfect. The first answer didn't work but the second one did. Thanks for the help!
Mike Farmer  2008-12-10 04:15:29
A: 

i would try:

var dataString = "email="+username+"&amp;password="+password+"&amp;remember="+remember;
Luis Melgratti  2008-12-10 04:07:40
yeah, I tried that already and no go. Thanks for the help.
Mike Farmer  2008-12-10 04:12:19
+1  A: 

Note: before one goes blindly wrapping text in CDATA blocks, be aware that CDATA's purpose is NOT for making invalid characters valid.

See: http://www.flightlab.com/~joe/sgml/cdata.html

BryanH  2008-12-10 23:00:07
+1  A: 

"\u0026" works!

 2009-05-06 19:33:41

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript