The tag works like this:
<a ref="http://googl.com%22 onclick=alert(124)">http://google.com" onclick=alert(124)</a>
Here, the double quote I put is turned into %22
. Is there a way to overcome it?
The tag works like this:
<a ref="http://googl.com%22 onclick=alert(124)">http://google.com" onclick=alert(124)</a>
Here, the double quote I put is turned into %22
. Is there a way to overcome it?
Here, the double quote I put is turned into
%22
. Is there a way to overcome it?
No. Double quotes changing into %22
is called url encoding, which is performed so that rendered page doesn't treat it as double quotes.