- From: Liam R. E. Quin <liam@w3.org>
- Date: Fri, 01 Dec 2017 21:56:06 -0500
- To: "Tab Atkins Jr." <jackalmage@gmail.com>, "Martin J." Dürst <duerst@it.aoyama.ac.jp>
- Cc: Matt King <a11ythinker@gmail.com>, "spec-prod@w3.org Prod" <spec-prod@w3.org>
On Fri, 2017-12-01 at 17:23 -0800, Tab Atkins Jr. wrote: > [...] > Right. All you need, to be precise, is: > > 1. In text, escape & and <. > 2. In a quoted attribute value, escape & and whatever character you > use for quoting (either ' or "). (Unquoted attribute values have more > complex rules, only use them if you have simple values.) Pedantic addition - escape > when it appears in the plain text outside a CDATA section but in the sequence ]]> - i haven't checked whether this is still true for HTML 5, though, and Web browsers probably don't care; it's an error "for SGML compatibility" in XML to have ]]> appear except to mark the end of a CDATA section. Incorrect handling of CDATA sections, especially in generated markup, is a rat's nest for another day [1] :) Liam [1] https://xkcd.com/327/ -- Liam Quin, W3C, http://www.w3.org/People/Quin/ Staff contact for Verifiable Claims WG, SVG WG, XQuery WG Web slave for http://www.fromoldbooks.org/
Received on Saturday, 2 December 2017 02:56:20 UTC