I use Apache::Util::escape_html to perform fast HTML-escaping of the data before displaying it. Unfortunately, this function handles <, >, & and " but does not handle ' (single quote) - which can be escaped as '
It would be nice if apos was handled. After all, in HTML file it is almost equivalent to double quote (it is only the matter of style whether one uses <a href="some url"> or <a href='some url'>). Moreover, there happen situation where on can not change quotation model like in (adapted real example I happened to have trouble with): <a href="javascript:somefun('[%some_var%]')"> (where some_var is a variable escaped with escape_html and unfortunately it can happen to contain apostrophe mark) It seems to me that it would suffice to slightly change the function my_escape_html in src/modules/perl/Util.xs by adding new else-if in both if sequences. PS I do not know how the thing looks in modperl-2 but in case there is similar problem, I would suggest similar solution. -- ( Marcin Kasperski | A reusable framework that is developed by itself will ) ( http://www.mk.w.pl | probably not be very reusable. (Martin) ) (----------------------------------------------------------------------------) ( Z kartą bezpieczniej? http://www.mk.w.pl/artykuly/karty_niebezpieczenstwa )