Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So having a " in your URL is worse than having an &? Neither are representable in HTML, so you're going to have to deal with escaping whether you want to or not. And if you're already escaping & to &amp;, it's pretty easy to escape " to &quot;. Which you should already be doing anyway. (Never put a literal [&<>"'], in your (x)html document, please.)


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: