Escaping Single Quotes.

  • Ralph Corderoy

    Ralph Corderoy - 2000-12-01


    I understand that HTML allows the values of attributes to be contained in either single or double quotes, e.g. `<a href='...'>' is valid.

    Why is it that HTML::Template, and CGI, only escape double quotes and not single?  This leads to <input type=text name=x value='O'Reilly'>.


    • Lee Weston

      Lee Weston - 2000-12-21

      I was just browsing that very bit of code.

      # straight from the bible.
              $toencode=~s/\&quot;/&quot;/g; #"
              $toencode=~s/'/&#39;/g; #'

      So it looks like it should escape it and lt explains why HTML::Template and CGI work the same.

      Are you a Microsoft user by any chance?  If so, turn "smart quotes" off.


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks