This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 13605 - ES < and & escaping in inline script
Summary: ES < and & escaping in inline script
Status: RESOLVED FIXED
Alias: None
Product: HTML WG
Classification: Unclassified
Component: LC1 HTML/XHTML Compatibility Authoring Guide (ed: Eliot Graff) (show other bugs)
Version: unspecified
Hardware: PC Linux
: P2 normal
Target Milestone: ---
Assignee: Eliot Graff
QA Contact: HTML WG Bugzilla archive list
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-08-03 12:55 UTC by Philippe Le Hegaret
Modified: 2013-10-31 21:05 UTC (History)
5 users (show)

See Also:


Attachments

Description Philippe Le Hegaret 2011-08-03 12:55:46 UTC
Polyglot indicates:
[[
When polyglot markup must use script or style commands within its source code, it uses safe content.

Safe content is content that does not contain a < or & character. The following example is safe because it does not contain problematic characters within the script tag.
]]

Can one use \x3C and \x26 instead? If so, it would be nice to remind authors about them.
Comment 1 Michael[tm] Smith 2011-08-04 05:07:10 UTC
mass-move component to LC1
Comment 2 Michael[tm] Smith 2011-08-04 05:07:34 UTC
mass-move component to LC1
Comment 3 Eliot Graff 2013-10-31 21:05:49 UTC
    EDITOR'S RESPONSE: This is an Editor's Response to your comment. If
    you are satisfied with this response, please change the state of
    this bug to CLOSED. If you have additional information and would
    like the Editor to reconsider, please reopen this bug. If you would
    like to escalate the issue to the full HTML Working Group, please
    add the TrackerRequest keyword to this bug, and suggest title and
    text for the Tracker Issue; or you may create a Tracker Issue
    yourself, if you are able to do so. For more details, see this
    document:

       http://dev.w3.org/html5/decision-policy/decision-policy.html

    Status: Accepted. CVS commit 1.2

    Change Description: Added two sentences in section 3.6.2.1 The safe text content option:


Polyglot markup is agnostic as to whether one uses a character entity or a numeric character reference, as long as it is valid. For polyglot markup, there is no difference between &amp; and &#x3C;. 



Thanks for the bug and your extreme patience.