Requirements for escaping an attribute of an input tag value

Question

Requirements for escaping an attribute of an input tag value

What are the requirements for escaping characters in an input tag value attribute in HTML markup?

Are these just double quotes that need to be escaped? HTML special characters?

I tried to look at the W3C specification , but I could not find any specific details about how the material should be placed in the value attribute.

I suggest that in itself "should be avoided ", but what about others? Both the escape and the failure seem to work very well in all my browsers, but I don’t want to choose non-standard and end up with broken HTML or &amp;amp;amp;.

+3

html standards php w3c

Steven xu Feb 28 '10 at 5:26

source share

1 answer

cletus · Accepted Answer · 2010-02-28T05:29:53+0000

Attribute values should contain only those quotation marks.

If the attribute uses double quotes, replace the double quotes with ".

If your attribute is enclosed in single quotes, highlight single quotes in a string with '. Note: do not use '!

All of them are valid HTML:

<input value=foo>
<input value="foo">
<input value='foo'>

Note. Quotation marks do not have to be valid HTML. However, XHTML requires quotation marks. Without quotes, you cannot have spaces in the attribute value.

Requirements for escaping an attribute of an input tag value

More articles: