Home > Developer > Web Develop

Single and double quotes in JS, HTML, and their escape use

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Excerpt from: http://blog.csdn.net/changhong009/article/details/46004343

' ----Single quotation mark

$ #39; ----single quotes (ie compatible)

" -----double Quotes

A button in a webpage that writes the handling code of the onclick event is accidentally written as follows:
<input value= "Test" type= "button" onclick= "alert (" OK ""); "/>
IE prompt error, then casually changed to:
<input value= "Test" type= "button" onclick= "alert (\" Ok\ ");"/>
The result is still wrong.
At this time, I can not understand, although I know the most direct solution is written like this:
<input value= "" type= "button" onclick= "alert (' OK ');"/>
But why is the escape character in JavaScript \ No effect?

Later, a normal code was found:
<input value= "Test" type= "button" onclick= "alert (&quot;OK&quot;);"/>
At this point, it is understood that the original is still attributed to the scope of the HTML, so the escape character should use HTML, rather than JavaScript.

the practice of two double quotes is VBScript, \ "This approach is JavaScript, and HTML, it is used &quot, and also can use:", ".

The following is a list of the various expression methods:
< body>
< input value= "double quotes inside double quotation marks-error" type= "button" onclick= "alert (" OK ");"/><br/>
< input value= "outer single quotation mark-error" type= "button" onclick= "alert (' OK '); '/><br/>
< input value= "two double quotes-error" type= "button" onclick= "alert (" OK ""); "/><br/>
< input value= "two single quotes-error" type= "button" onclick= "alert (" OK ");"/><br/>
< input value= "\+ double quotes-Error" type= "button" onclick= "alert (\" Ok\ ");"/><br/>
< input value= "\+ single quote-Error" type= "button" onclick= "alert (\ ' Ok\ ');"/><br/>
< input value= "outside double quotes single quote-ok" type= "button" onclick= "alert (' OK ');/><br/>
< input value= "outer single quotation mark-ok" type= "button" onclick= ' Alert ("OK"); '/><br/>
< input value= "external not using quotation marks-ok" type= "button" Onclick=alert (' OK '); Alert ("OK"); /><br/>
< input value= "HTML escape Character" (& # 3 4;)-ok "type=" button "onclick=" alert ("OK"); "/><br/>
< input value= "HTML escape Character" (& # 3 9;)-ok "type=" button "onclick=" alert (' OK '); "/><br/>
< input value= "HTML escape Character" (& # x 2 2;)-ok "type=" button "onclick=" alert (' OK '); "/><br/>
< input value= "HTML escape Character" (& # x 2 7;)-ok "type=" button "onclick=" alert (' OK '); "/><br/>
< input value= "HTML escape character &quot; (& q u o t;)-ok" type= "button" onclick= "alert (&quot;OK&quot;);"/>& Lt;br/>
< input value= "HTML escape character &apos; (& A P o s;)-ie error" type= "button" onclick= "alert (&apos;OK&apos;);"/> <br/>

<input value= "Other \\-Error" type= "button" onclick= "alert (\ \" ok\\ ");"/><br/>
< input value= "other \& # 3 4;-Error" type= "button" onclick= "alert (\" Ok\ ");"/><br/>
</body>

Recently, in the test of the function of full-text retrieval module, it is found that there are still great problems in the processing of special symbols.

Some say spring itself provides a transcoding tool class for HTML, JavaScript, and SQL statements, but tested it to find that its htmlutils.htmlescape () does not handle single quotes, just transcoding the following special characters:

    • &:&amp;
    • ": &quot;
    • <: &lt;
    • >:&gt;

      Later replaced with replace (&apos;), IE browser still does not play a role, had to test in Google to see the source code, found its transcoding (& #39;)

      See the following article today to understand:

      Go: http://blog.huachen.me/single-quote-ie-html-entity

      In the (x) HTML, some special characters should be escaped by HTML entities.

      Common are: & (and), (double quotes), ' (single quotes), <, (less than), , (greater than), these are in the (x) The contents of the HTML document should be converted to: &amp; , &quot; , & #39; , &lt;   and   &gt; .

      But the question is, why is the escaping of single quotes above different from other special characters? Why is the single quotation mark with the entity number (& #39;), and the other is the entity name (&apos;)?

      The reason is   Internet Explorer temporarily does not support the entity name of single quotes, IE temporarily supports only single quote entity number .

      This is also the PHP htmlspecialchars function to escape the single quotes into & #39, rather than the reason for &apos;.

      Also, Baidu does not support single-quote entity names , which I found in my blog in Baidu search results (I have now changed the single quotation mark to the form of the entity number).

      You can view   the entity number and entity name for all special characters of the HTML.

Number
Character EntityEntity Name Description
" & #34; &quot; Quotation mark
& #39; &apos; (Does not work in IE) Apostrophe
& & #38; &amp; Ampersand
< & #60; &lt; Less-than
> & #62; &gt; Greater-than

Single and double quotes in JS, HTML, and their escape use

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
difference between single and double quotes in javascript difference between single and double quotes what difference between single quotes and double quotes single and free quotes single and available quotes double quotes in html code difference between single quote and double quote in php

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More