I am trying to pass a dataString to to an ajax call using JQuery. In the call, I construct the get parameters and then send them to the php page on the receiving end. The trouble is that the data string has ampersands in them and the HTML strict validator is chocking on it.
Here is the code:
$(document).ready(function(){
$("input#email").focus();
$('#login_submit').submit(function(){
var username = $('input#email').val();
var password = $('input#password').val();
var remember = $('input#remember').attr("checked");
var dataString = "email="+username+"&password="+password+"&remember="+remember;
$.post('login.php', dataString, function(data) {
if (data == 'Login Succeeded.') {
location.reload(true);
} else {
$("input#email").focus();
$("#login_msg").html(data).effect("pulsate", {times: 2}, 1000);
}
});
return false;
});
});
and here is an example of the validator message: cannot generate system identifier for general entity "password".
var dataString = "email="+username+"&password="+password+"&remember="+rememb…
(in the validator the "p" after the first ampersand is marked red indicating the point of the failure).
Try putting your javascript inside a CDATA block like this:
<script type="text/javascript">
<![CDATA[
// content of your Javascript goes here
]]>
</script>
which should make it pass validation. To be extra safe you can add Javascript comments around the CDATA tags to hide them from older browsers who don't understand the CDATA tag:
<script type="text/javascript">
/* <![CDATA[ */
// content of your Javascript goes here
/* ]]> */
</script>
"\u0026" works!
Note: before one goes blindly wrapping text in CDATA blocks, be aware that CDATA's purpose is NOT for making invalid characters valid.
Sometimes \u0026, &, %26, &, or <![CDATA[ ... ]]> work for ampersands in script blocks in xhtml.
I would like to ask why we should want that kind of a restriction (blink loyalty to the errors in the design of SGML) which also prevents  , mathml, target, and nested xml from working.
Why can't we simply say that in a script block no tags or other SGML stuff gets recognized? Why can't xhtml let targets work?
I don't see an advantage to SGML that outweigh the disadvantages. Right now, even though html5 is somewhat available, xhtml is the validator that catches the most developer errors. Let's fix xml without historical regard to its origins.
i would try:
var dataString = "email="+username+"&password="+password+"&remember="+remember;
来源:https://stackoverflow.com/questions/355043/how-do-i-escape-an-ampersand-in-a-javascript-string-so-that-the-page-will-valida