> I may just be blind, but I don't see a place in the HTML spec which
> describes what is supposed to happen to special characters inside quoted
> strings. Consider an HTML statement such as:
> <form method=post action="/htbin-post/banner hello > foobar">
> ...form goes here
> </form>
> My question relates to how the i/o redirection character (or any special
> character) is to be treated when used within quotes inside of a standard
> HTML directive. Should special characters be completely protected when
> quoted inside of a directive?? Does it make sense to specify that escapes
> such as > be used within quoted strings? Where should this go in the
> spec? (I looked for it, and can't find it - please point me there if I
> missed it.
Page 331 of Goldfarb's SGML Handbook says that parsers derive the attribute
value from the attribute value literal (the stuff between the quote marks)
by replacing any entity references or character references within the literal
and then normalising by replacing any contiguous whitespace by a single
space character. Note you can use " or ' as quote marks for attribute value
literals.
Thanks for pointing out this topic - it is rather obscure and clearly needs
to be included in the HTML+ spec. I can garantee that most browsers are
currently doing the wrong thing for attributes!
Dave Raggett