This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
In https://html.spec.whatwg.org/multipage/embedded-content.html#best-practices-for-metadata-text-tracks the data URL for the document provide in the iframe src attribute there there does not conform to the requirements in the URL spec. The URL appears like this: <iframe src="data:text/html;charset=utf-8,<!DOCTYPE%20html>%0A<style>%0A%20body%2C%20html%20%7B%20ma…<span>Qual%20Match%2037<%2Fspan>%20<span>Friday%2014%3A21<%2Fspan>%0A<%2Fdiv>" width=600 height=400></iframe> ...but the characters "<" and ">" are not "URL code points" as defined in the URL spec, so they should instead be percent-encoded in that src value.
It's tempting to suggest to Anne that we just allow < and > in URLs, thought I imagine people who want to write <URL:http://foo> wouldn't like that...
(In reply to Ian 'Hixie' Hickson from comment #1) > It's tempting to suggest to Anne that we just allow < and > in URLs, thought > I imagine people who want to write <URL:http://foo> wouldn't like that... Anne says, "we could have a distinct conformance class for URLs in HTML attribute values but I don't really want to get into that before we actually have conforming URL parsers" (By the way, I notice The data: URI kitchen also doesn't percent-encode < and > in its output.)
Yeah that's why they didn't get encoded here, that's what I used. :-)
Turns out the data: URL kitchen uses URI::Escape, and it does crazy eval() stuff when you try to pass it a pattern, which doesn't seem to work right, so I'm not fixing the kitchen...
Checked in as WHATWG revision r8862. Check-in comment: escape more characters in example data: url (text track section) https://html5.org/tools/web-apps-tracker?from=8861&to=8862