Escaping double quotes in JavaScript onClick event handler

Question

The simple code block below can be served up in a static HTML page but results in a JavaScript error   How should you escape the embedded double quote in the onClick handler  i e   quot xyz    Note that the HTML is generated dynamically by pulling data from a database  the data of which is snippets of other HTML code that could have either single or double quotes   It seems that adding a single backslash ahead of the double quote character doesn t do the trick   lt script type  quot text javascript quot  gt      function parse a  b  c            alert c          lt  script gt    lt a href  quot  x quot  onclick  quot parse      false    lt a href   quot xyz    return false quot  gt Test lt  a gt

User · Answer

You may also want to try two backslashes       to escape the escape character

User · Answer

Did you try   amp quot  or  x22  instead of

User · Answer

It needs to be HTML-escaped  not Javascript-escaped  Change    to  amp quot

User · Answer

I think that the best approach is to assign the onclick handler unobtrusively   Something like this   window onload   function        var myLink   document getElementsById  myLinkId        myLink onclick   function             parse      false    lt a href  xyz            return false                    lt a href     id  myLink  gt Test lt  a gt

User · Answer

While I agree with CMS about doing this in an unobtrusive manner  via a lib like jquery or dojo   here s what also work    lt script type  text javascript  gt  function parse a  b  c        alert c         lt  script gt    lt a href   x  onclick  parse      false   xyc amp quot foo   return false   gt Test lt  a gt    The reason it barfs is not because of JavaScript  it s because of the HTML parser   It has no concept of escaped quotes to it trundles along looking for the end quote and finds it and returns that as the onclick function   This is invalid javascript though so you don t find about the error until JavaScript tries to execute the function

[javascript] Escaping double quotes in JavaScript onClick event handler

Examples related to javascript

Examples related to html

Examples related to escaping

Examples related to dom-events