[Bug 13605] New: ES < and & escaping in inline script from bugzilla@jessica.w3.org on 2011-08-03 (public-html-bugzilla@w3.org from August 2011)

From: <bugzilla@jessica.w3.org>
Date: Wed, 03 Aug 2011 12:55:46 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-13605-2486@http.www.w3.org/Bugs/Public/>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=13605

           Summary: ES < and & escaping in inline script
           Product: HTML WG
           Version: unspecified
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: HTML/XHTML Compatibility Authoring Guide (ed: Eliot
                    Graff)
        AssignedTo: eliotgra@microsoft.com
        ReportedBy: plh@w3.org
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org, eliotgra@microsoft.com


Polyglot indicates:
[[
When polyglot markup must use script or style commands within its source code,
it uses safe content.

Safe content is content that does not contain a < or & character. The following
example is safe because it does not contain problematic characters within the
script tag.
]]

Can one use \x3C and \x26 instead? If so, it would be nice to remind authors
about them.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 3 August 2011 12:55:51 UTC