tip - Links and input value Need html encoding Too
/Html JavaSript/html/tip - Links and input_value Need html encoding Too.txt
Quick Tip
Links Need Escaping Too
Character escaping affects tag attributes, as anyone who has written HTML forms will know:
<input type="text" name="example"
value="Site Design by "Walker & co.""
/>
In addition to the characters shown previously, you can see that double quotes have a special meaning in HTML code too, so they must also be escaped:
<input type="text" name="example"
value="Site Design by "Walker &
co.""
/>
But one place where even the most experienced HTML coders often forget character escaping is in URLs:
<a href="quiz.php?q1=b&q2=a&q3=d"> ...
</a>
Every Web browser out there will understand this link, which includes three values in the URL query string (q1=b, q2=a, and q3=d), but if you want your code to be standards compliant so that you can check it for mistakes with the W3C Markup Validation Service, you need to escape the special characters that occur in the URL:
<a href="quiz.php?q1=b&q2=a&q3=d">
... </a>
As odd as it may seem, this actually is the right way to do it. If you don't believe me, try validating a page against the XHTML standard that doesn't escape ampersands in link URLs.