Re: [whatwg] Proposal: Adding methods like getElementById and getElementsByTagName to DocumentFragments

On 10/10/13 10:15 AM, Glenn Maynard wrote:
> When I'm doing this I just make sure that the strings don't need
> escaping in the first place.  Many of these look like they do that
> (probably most "ID" cases are things like random numbers or alphanumerics).

Let's take a look at Simon's examples from actual web pages:

   .querySelectorAll("#"+M+" "+m)
   .querySelectorAll('.'+classes[i])

If M is a random number, it needs escaping.  Similar if classes[i] is a 
random number.  In particular, ID and class selectors cannot start with 
a digit.

> FWIW, I rarely use IDs at all: I use classes, even if there will
> probably only be one of something.

Classes have the same syntax as IDs in CSS (both are identifiers), so 
it's the same issue.

-Boris

Received on Thursday, 10 October 2013 14:22:39 UTC