J
Joshua Beall
Hi,
I am using a javascript tool to allow clients to edit content boxes on their
sites (http://www.interactivetools.com/products/htmlarea/). However, I
noticed that it does not escape attribute values, even when you copy paste a
bit of code. For instance, if you copy paste a section <p
class="paraTitle">Lorem ipsum</p>, then view the source, it winds up <p
class=paraTitle>Lorem Ipsum</p>
My question is, how concerned should I be by this? IE6 and Mozilla 1.5/1.6
both seem to handle it fine. Are there browsers that are going to choke on
this?
-Josh
I am using a javascript tool to allow clients to edit content boxes on their
sites (http://www.interactivetools.com/products/htmlarea/). However, I
noticed that it does not escape attribute values, even when you copy paste a
bit of code. For instance, if you copy paste a section <p
class="paraTitle">Lorem ipsum</p>, then view the source, it winds up <p
class=paraTitle>Lorem Ipsum</p>
My question is, how concerned should I be by this? IE6 and Mozilla 1.5/1.6
both seem to handle it fine. Are there browsers that are going to choke on
this?
-Josh