[whatwg] The problem of duplicate ID as a security issue
Mihai Sucan
mihai.sucan at gmail.com
Thu Mar 16 11:49:58 PST 2006
Le Thu, 16 Mar 2006 17:18:54 +0200, Mihai Sucan <mihai.sucan at gmail.com> a
écrit:
<...>
> Yet getElementById is defined as [2]:
>
> <blockquote>
> Returns the Element that has an ID attribute with the given value. If
> no such element exists, this returns null.
> If more than one element has an ID attribute with that value, what is
> returned is undefined.
> </blockquote>
>
> Therefore... the appropriate behaviour for
> getElementById("duplicate-ID") is to return null.
<...>
Mistake reported by Jim Ley on IRC:
What getElementById('duplicate-ID') returns is undefined according to the
DOM3Core recommandation. This is an error affecting the entire reply.
Apologies.
IMHO, DOM 2 Core has a better wording in regards to this: "behavior is not
defined if more than one element has this ID". It's much clearer.
--
http://www.robodesign.ro
ROBO Design - We bring you the future
More information about the whatwg
mailing list