Marcin Kasperski wrote:
very well. I'll submit something to modperl-dev later today and we'll see how the vote falls :)namely "i had a bad feeling about this. we should not be implementing escape_html to begin with, the functionality should all be in apache." (...)The main point in this case: someone decided to escape " (double quote) in escape_html. For HTML, ' (single quote) is practically equivalent (and can be used at the same places for the same purpose). I see no reason to differentiate handling of single and double quote while generating HTML pages. The reason to use escape_html vs HTML::Entities is clear - the speed. And at least in my case one needs to escape just <, >, &, " and ' - the characters which can spoil the way browser interprets HTML.
--Geoff