[whatwg] input element's value should not be sanitized during parsing from Mounir Lamouri on 2010-09-21 (public-whatwg-archive@w3.org from September 2010)

From: Mounir Lamouri <mounir.lamouri@gmail.com>
Date: Tue, 21 Sep 2010 22:30:40 +0200
Message-ID: <4C9915F0.2020009@gmail.com>

On 09/21/2010 10:18 PM, Jonas Sicking wrote:
> On Tue, Sep 21, 2010 at 9:13 AM, Boris Zbarsky <bzbarsky at mit.edu> wrote:
> Also, it would mean that the following two pieces of code behaves differently:
> 
> inp = document.createElement("input");
> inp.setAttribute("value", "foo\nbar");
> inp.setAttribute("type", "hidden");
> 
> and
> 
> inp = document.createElement("input");
> inp.setAttribute("type", "hidden");inp.setAttribute("value", "foo\nbar");
> This does not seem desirable.

They do. And I don't see this can be different.

--
Mounir

Received on Tuesday, 21 September 2010 13:30:40 UTC