24293 – innerHTML for comments need to escape data too

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 24293 - innerHTML for comments need to escape data too

Summary: innerHTML for comments need to escape data too

Status:	RESOLVED INVALID

Alias:	None

Product:	WHATWG
Classification:	Unclassified
Component:	HTML (show other bugs)
Version:	unspecified
Hardware:	Other other

Importance:	P3 normal
Target Milestone:	Unsorted
Assignee:	Ian 'Hixie' Hickson
QA Contact:	contributor

URL:	http://www.whatwg.org/specs/web-apps/...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-01-14 19:01 UTC by contributor
Modified:	2014-01-14 19:04 UTC (History)
CC List:	2 users (show)

See Also:

Attachments

Description contributor 2014-01-14 19:01:46 UTC

Specification: http://www.whatwg.org/specs/web-apps/current-work/multipage/the-end.html
Multipage: http://www.whatwg.org/C#serializing-html-fragments
Complete: http://www.whatwg.org/c#serializing-html-fragments
Referrer: http://domparsing.spec.whatwg.org/

Comment:
innerHTML for comments need to escape data too

Posted from: 2620:0:1003:1017:2e41:38ff:fea6:f2aa
User agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.22 Safari/537.36

Comment 1 Erik Arvidsson 2014-01-14 19:04:42 UTC

Seems like browser do not escape the content after all.