Open
Description
During removal of support for IE hacks (#995), it was found that
parseIdentifier()
treats the first character differently to subsequent characters - it does not attempt to escape the first character;- it escapes characters like
TAB
orNUL
with the literal character, so the result is, e.g., a\
followed by an actualTAB
, rather than\t
or\9
.
Perhaps these characters should not be allowed in identifiers anyway. Would need to check the spec, but I think the idea of the IE hacks was for IE-specific rules, so I expect these characters should be disallowed (as well as other control characters).
This was the test CSS:
p {
padding-right: .75rem \9;
background-image: none \9;
color:red\9\0;
background-color:red \9 \0;
background-color:red \9 \0 !important;
content: "red \9\0";
content: "red\0abc";
}