[Dropdown] multiselect values encoding, label cannot be removed, quotes missing in select dropdown

[lubber-de]

Description

When a multiple dropdown (non select) was used and selected data has characters like & or ' set, there were stored entity encoded (returning into false positives when comparing later to their original values). Even worse this was only done for all previous selected values, the current to be added value was kept raw already. dropdowns using select tags do not store the selected data in an input field, so the issue does not happen there.

Original data should be kept, as it is already the case for dropdown made out of select tags. Also SUI does not do this.

Additionally this PR fixes a situation when a value has double quotes which led to a js error when trying to remove that label .
Double quotes in select menus are now also kept encoded instead of being removed to have the same behavior for select/non select dropdowns

Double quotes are always encoded (when text needs to be kept) or removed (everywhere else where they dont make sense like classnames) for security reasons, because all internal templates use them for HTML generation

Testcase

• Try to select the entries with a & or '
• Watch the hidden inputs content after every selection in the elements console
• Try to remove the Item 3" inches label in the first dropdown

Wrong

• While selecting each previous value gets encoded making it different to the original value
• Trying to remove the Item 3" inches label results in a console syntax error
• The second dropdown, made out of a select, does not show the " inside the Item 3 label anymore
  https://jsfiddle.net/lubber/fL56791d/13/

Correct

• Identical selected values
• Item 3" inches label can be removed
• Item 3 shows the "
  https://jsfiddle.net/lubber/fL56791d/15/

Screenshots

To see the difference look at the elements console for the hidden input tag holding the selected data. Each time a selected value is added the previous values are encoded.
The second dropdown is made out of a selected tag which works fine already

Wrong

Correct

Closes

#1373

[ko2in]

LGTM.

[prudho]

Woa, good catch ! This one was a nasty bug.

LGTM 👍