[whatwg] input element's value should not be sanitized during parsing

Mounir Lamouri mounir.lamouri at gmail.com
Wed Mar 30 08:18:40 PDT 2011


On 03/12/2011 12:56 AM, Jonas Sicking wrote:
>>> inp = document.createElement("input");
>>> inp.setAttribute("value", "foo\nbar");
>>> inp.setAttribute("type", "hidden");
>>>
>>> and
>>>
>>> inp = document.createElement("input");
>>> inp.setAttribute("type", "hidden");
>>> inp.setAttribute("value", "foo\nbar");
>>>
>>> This does not seem desirable.
>>
>> I can't argue that it's desireable, but it's how the Web works, as I
>> understand it.
> 
> Gecko doesn't exhibit this behavior and I don't know of any sites that
> doesn't work in Gecko because of this.

FWIW, it does. The first inp.value is 'foobar' while the second is 'foo
bar'.
See: http://software.hixie.ch/utilities/js/live-dom-viewer/saved/900

Though, I do not think this is related to the initial issue which is
about setting attributes while creating the element from the parser.

--
Mounir



More information about the whatwg mailing list