0

I'm having an issue trying to set an input field's value when using HTML entities in that they are coming out literally as " rather than ".

Here is the code I am using:

document.getElementById('inputSurname').setAttribute('value', 'test"""');

in which the output is test""" though I want the output to be test""".

It doesn't look like a double-encoding issue since in the source code I am seeing it the same way I have set it here.

I know I could decode the value from its HTML entity format though this is something I want to avoid if possible for security.

Any help would be much appreciated :)

harryjamesuk
  • 35
  • 7
  • 2
    You can't have HTML in a form field, only text. It's the same reason why you can't set the value of an input to be bold via the value, only CSS – j08691 Jul 11 '16 at 13:57

3 Answers3

2

Try this:

document.getElementById('inputSurname').value = 'test"""';

Or if you want to keep &quot:

function myFunction() {
    document.getElementById('myText').value = replaceQuot('test&quot&quot&quot');
}
function replaceQuot(string){
    return string.replace('&quot', '""');
}
David H.
  • 507
  • 2
  • 10
  • The problem is that I am storing the value as `"`, and because it's user input I don't really want to decode the HTML entities. – harryjamesuk Jul 11 '16 at 14:05
  • I've made a few tweaks since your answer and managed to get things working now. I've took the string I was using and replaced `&quot` with `\"` to avoid any issues from user input and this now looks normal in the input field - so I'll go ahead and mark your answer as the best solution for leading me to this :) – harryjamesuk Jul 11 '16 at 14:17
1

Or you can use escape characters.

document.getElementById("inputSurname").setAttribute("value", "test\"\"\"\"");

nashcheez
  • 5,067
  • 1
  • 27
  • 53
0

Well you could just write the new value as 'test"""'.

For other characters however, I'm going to refer you to this answer: HTML Entity Decode

Community
  • 1
  • 1
LeDoc
  • 935
  • 2
  • 12
  • 24