|
|
Posted by Henry on 07/26/07 16:57
On Jul 26, 4:49 pm, Randell D. wrote:
> I am cross-posting on purpose, ...
<snip>
> When I later try to restore the data I can see it in the HTML source
> from my browser (I'm using latest version of Firefox) but an error in
> the javascript console tells me the variable is not terminated...
<snip>
If your problem is that your server code is inserting line terminator
characters into source code that will be interpreted a on the client
as javascript string literals then there is nothing that you can do
about with javascript on the client. The resulting syntax error in the
javascript is just fatal.
Whenever you inset anything on the server into the source code that
you will be returning to the client you need to (as a matter of
course) 'encode' it appropriately for the context into which you are
insetting it. Be that HTML, XML, javascript string literals or
whatever.
Javascript string literals may not include Line Feed, Carriage Return,
Line Separator (Unicode Hex code point 2028) or Paragraph Separator
(Unicode Hex code point 2029). All of these would need to be
transformed into an escape sequence that javascript will interpret as
the character in question. For LF and CR, "\n" and "\r" respectively,
along with the HEX escape sequences "\x0A" and "\x0D", respectively,
or the Unicode escape sequences "\u000A" and "\000D" respectively, can
be used. For the other two line terminators the escaping can only be
done with the Unicode escape sequences "\u2028" and "\u2029"
respectively (suggesting that a function that did this encoding may
find it easier to transform all problematic characters into the
Unicode escape sequences).
There are another group of characters that will be problematic if they
appear in string literals; backspace, tabs (horizontal and vertical),
form feed, double and single quotes (depending on which is used to
delimit the string literal) and the backslash character because it is
used to introduce all escape sequences (and may combine will all
characters that follow it to form an escape sequence). Thus, for
safety, all of this set should be transformed into equivalent escape
sequences (be they character escape sequences, Hex escape sequences or
Unicode escape sequences) (remembering to do the backslashes first).
Also, do not use the official "\v" as an escape sequence for the
vertical tab character as IE has a bug that leaves it interpreting
that sequnce as a "v" character. Instead use the Hex or Unicode escape
sequences "\x0B" and "\u000B" for consistent results.
Navigation:
[Reply to this message]
|