Using String literals in Javascript calls requires care in escaping quotes but leaving double quotes around the final value, like we expect in HTML attributes.

Here's an example of the right way to do this (thanks to John Brad):

Source
onchange='"someFunc(this.form, \'abc\')"'

Notice that

  • single quotes surround the double quotes, and
  • inline single quotes in the Javascript are escaped.

When rendered, the statement is rendered without the pair of surrounding single quotes, and the literal String stays quoted.

Output
onchange="someFunc(this.form, 'abc')"
  • No labels