Opened 9 years ago

Closed 6 years ago

#11993 closed defect (patchwelcome)

input value not filtered in dojox.grid.cells.Cell.formatEditing()

Reported by: goriol Owned by: Bryan Forbes
Priority: high Milestone: tbd
Component: DojoX Grid Version: 1.5
Keywords: Cc: goriol@…, Evan
Blocked By: Blocking:


When I start editing an editable cell in a dojox.grid.DataGrid? whose value contains a quote, the value is truncated after the first encountered quote.

Before entering in edit mode, dojox.grid.cells.Cell.formatEditing() is called. It returns the widget's HTML markup this way:

return '<input class="dojoxGridInput" type="text" value="' + inDatum + '">';

As inDatum is not filtered, any quotation mark will terminate the value.

I would suggest to replace this function by:

		formatEditing: function(inDatum, inRowIndex){
			this.needFormatNode(inDatum, inRowIndex);
			return '<input class="dojoxGridInput" type="text" value="' + inDatum.replace(/"/g, '&quot;') + '">';

Change History (6)

comment:1 Changed 9 years ago by Adam Peller

Cc: evan added

should probably include the full list of HTML entities... grid must have a utility routine to do this already

comment:2 Changed 9 years ago by goriol

As far as I know, the only REQUIRED replacement is the quotation mark as it would terminate the value string. Other characters SHOULD only be replaced if they do not belong the document character set.

comment:3 Changed 9 years ago by bill

Owner: changed from bryanforbes to Bryan Forbes

comment:4 Changed 8 years ago by Evan

Cc: Evan added; evan removed

comment:5 Changed 6 years ago by bill

DojoX Grid and EnhancedGrid are deprecated in favor of dgrid and gridx.

You should upgrade your code to use one of those two grids.

We will consider patches to the old DojoX Grid code though.

comment:6 Changed 6 years ago by bill

Resolution: patchwelcome
Status: newclosed
Note: See TracTickets for help on using tickets.