Comment 6 for bug 1005921

Bryan D. Payne (bdpayne) wrote :

Looks like this could potentially be a big problem. The real question is if the resulting values are being quoted everywhere that they are used. Without going through the rest of the code, it is hard to know if this is something that is exploitable today. A code audit seems in order.

In the long run, we should really change how the values are being unquoted. That seems like the wrong way to go about it as it burdens users of this data to get it right every time.