[whatwg] base64 entities

On Thu, Aug 26, 2010 at 5:58 AM, Julian Reschke <julian.reschke at gmx.de> wrote:
> Not convinced. There's already one way to escape these things, and this is
> supported in all UAs.

Adam gave two examples of cases where htmlspecialchars() is
insufficient, even if authors do use it.  This proposal is completely
general and will work anywhere, even in <script>.  Is automated
general escaping even possible right now in <script> for text/html?

Received on Thursday, 26 August 2010 13:10:49 UTC