[whatwg] Parsing: Disallow slashes in unquoted attribute values?

Ian Hickson ian at hixie.ch
Thu Oct 19 18:29:46 PDT 2006


On Fri, 20 Oct 2006, Bjoern Hoehrmann wrote:
>
> * Ian Hickson wrote:
> >It is very common to see markup such as:
> >
> >   <a href=http://example.com/>Example</a>
> >
> >I don't see any good reason to make that non-conforming in HTML5.
> 
> It is very common to see code such as:
> 
>   echo "<foo bar=" . htmlescape($userinput) . ">...";

...and that will also be compliant, assuming $userinput doesn't have any 
spaces or ">" characters in it. We can't do much about the case where it 
has spaces or ">" characters in it, since we are constrained by how legacy 
UAs parse HTML.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'



More information about the whatwg mailing list