passing angle brackets in form parameters?

Nick Arnett (narnett@verity.com)
Sun, 16 Apr 1995 18:38:40 -0700


Message-Id: <abb773620f021004ff27@[192.187.143.12]>
Date: Sun, 16 Apr 1995 18:38:40 -0700
To: Multiple recipients of list <www-html@www10.w3.org>
From: narnett@verity.com (Nick Arnett)
Subject: passing angle brackets in form parameters?

Despite access to a wonderful search engine (cough, cough) I just can't
seem to find a definitive answer to the following question...

What is the officially correct, legal way to encode angle brackets in form
parameters?

Let's say, for example, that one wanted to write the following in one's
HTML form:

<INPUT type=hidden name=accessquestion value="vdkvgwkey contains /WWW-talk/">

...but one wanted to surround the word "contains" with angle brackets.
With the browser I'm using, I seem to be required to use the HTML method of
encoding them... to wit:

<INPUT type=hidden name=accessquestion value="vdkvgwkey &lt;contains&gt;
/WWW-talk/">

However, some evil browser out there (I haven't compared the logs to figure
out which) seems to pass the literals to the server, which proceeds to
complain mightily about illegal characters.  Actually, the server in
question here is not the Web daemon, it's our search gizmo, but that
doesn't really matter; the client is possibly misbehaving.  Or I am.

The Right Thing, of course, is for the client to send an URL that contains
something like this:

&accessquestion=vdkvgwkey+%3Ccontains%3E+%2FWWW-talk%2F

What should the HTML look like?

Nick