Ian Renfrew wrote:
It is my understanding that you cannot pass a double quote
(") or back slash (\) character as part of a value string.
?
I've got a senario where I'm extracting database information
that may contain double quote character(s). Are there any tricks
out there that would allow me to extract the database information,
double quote character(s) included?
It is normal practice to pass data of unknown content through a function
(of some sort) that renders it 'safe' before dynamically inserting it
into contexts where particular characters may be problematic. For
insertion into a javascript string literal, in a CDATA context,
transforming escapes, quotes, apostrophes, tabs, linefeeds, carriage
returns, copyright symbols, etc, into their hexadecimal or Unicode
escape equivalents should be sufficient. E.G.:-
" --> \x22 - or - \u0022
This inevitably expands the size of the data so it is usually best to
only apply the transformation to characters that may be significant in
the output context.
If the data already contains 'escape sequences' of some sort it would be
necessary to normalise it first.
Richard.