Here’s something I’ve never run into before. I’m outputting a string to a literal control, and the string contains several values concatenated. So far so good, I’ve done that plenty of times. I have an abstract class which has some basic machinery to create an XHTML tag, here’s a snippet of the output code.
In my implemented class I’ve defined this variable in the constructor
classTagName = “input type=‘radio’”;
So how on earth can this produce the output…
<input …lots of attributes… type=“radio” />
The single quotes have become double quotes and the the attributes have been spliced into the middle of my string variable. Obviously, this isn’t going to kill me, but I would like to know what’s going on. (Before I do something that will kill my program.)
Good question, which I think I’ve answered though not in the way I expected to. (Didn’t try switching to an HTML doctype, which I will try if I, ha ha, get a chance later).
No, I don’t have a .browsers file, I dropped it and my App_Browsers folder when I dropped the CSS friendly adapters. I found them noble, but insufficient for my needs. The web server control architecture is fundamentally about one thing, eliminating the need to know XHTML. For a front end designer like me, who only came to server side programming after learning XHTML, then CSS, then JS, it’s a solution looking for a problem. And given that I eliminate client miscommunications by switching from comps in the sketch phase to XHTML prototypes in the design phase, the architecture just got in my way. It was never designed to render a fine-tuned prototype and doesn’t have the tools for that, so finally bit the bullet and just code my UIs using old-fashioned custom OOP techniques.
It is indeed firefox. There’s some kind of JS plug-in, I suspect, doing the conversion. In order to more easily grab the code I want, I typically highlight around the area and choose View Selection Source. This opens a new window entitled, DOM source of selection and this is what I’ve been cutting and pasting above.
To do my test I did a simple View Page Source, so I could test the exact page, as is, as static XHTML saved with a .html extension. What I immediately discovered when I went to copy the code is that viewed this way in the “Source of Mypage.aspx” window does in fact show the “correct” version of these lines.
Based on that, since we can see the original code when looking at the source for the entire page, I believe that Firefox is getting the same XHTML as all the other browsers. After that, however, it’s doing some kind of DOM manipulation. To me that probably means JS, which I believe is further strengthened by the dominance of JS as the language of most of the Mozilla plug-ins that I know. This doesn’t make sense behavior wise for any of the plug-ins that I have, so I would guess that it’s part of the core security of the browser. Especially since it’s consistent on the old 2.0 version of one computer and the new 3.6 version I have on my other. It would be interesting to see if someone gets different results though using the View Selection Source option.
Yeah, but I haven’t found anything. There’s lots of stuff on security and development. Lots of stuff about preventing or enabling cross-site operations, dealing with scripts especially preventing malicious scripting. However, there’s nothing about “securing” XHTML. At least not that I can see. It opens interesting questions about what’s going on, but at least for now, the most logical theory appears to be that Firefox is manipulating the XHTML even before we get down to the code which implements Firefox’s rendering.
Have you tried adding the output to a plain .html file and seeing if Firefox manipulates that markup? If it doesn’t that would rule out Firefox and point to .NET serving up markup to different browsers. Do you have something like a .browsers file in the App_Browsers folder?
I guess you could technically say that problem is the response is being processed or filtered, so the answer is kind of yes, but I’m not familiar with a “filter” module, so the question is still what is doing the filtering.
I just found out what the problem is. One of the tech guys on the Wrox P2P forum suggested it. I thought he was high, but I had nothing better to test so I gave it a try and he was right. If anyone else wants to take a crack at what’s processing the code after the literal is initialized, I’ll wait until I log in again (or at least 24 hours) before playing spoiler.
This is absolutely what I thought was going on except nothing is set explicitly and I didn’t do anything differently than I have for the past year, but that’s not it. It’s not a problem with the literal control.
Agreed. That’s the next thing to try, but I was toast last night. I’ve recoded this as a string literal that’s just passed from the controller class back to the code behind and into the HTTP Response.
Interesting guess, but the answer is (if anything) even weirder. It’s the browser! At least that’s the only operational theory I can find that jives with these test results.
There’s no javascript (AJAX, jQuery, or otherwise) involved. Like you were saying, it looks like some kind of attempt at encoding, except I’ve never heard of a browser doing that kind of manipulation on raw XHTML before (like… ever). It’s something I never even really thought about doing this kind of server side programming, but the techie at Wrox asked if it was happening cross-browser. I thought that was a ridiculous question to ask at the time, but when I went to put some test results together to show him that wasn’t it…
Here’s the results I came back with. In IE and Opera the output is identical (to each other, alternate versions, and the server-side literal) but in Firefox, not so much.
Based on those results, I don’t see any way to explain it except that Firefox is manipulating the XHTML. Maybe a security feature? Still I’ve never heard of such a thing, and this is certainly the first time I’ve seen it in action where a browser receives a plain XHTML page and independently tweaks it sans JS.
Magic8ball says: AjaxControlToolkit 
(:
I just found out what the problem is. One of the tech guys on the Wrox P2P forum suggested it. I thought he was high, but I had nothing better to test so I gave it a try and he was right. If anyone else wants to take a crack at what’s processing the code after the literal is initialized, I’ll wait until I log in again (or at least 24 hours) before playing spoiler.