----- Original Message ----- From: "Rick Johnston" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, February 28, 2002 7:51 PM Subject: Re: DO NOT REPLY [Bug 6763] New: - XMLWriter doesn't escape enough characters
> > Don't all of the 5 pre-defined characters (& < > ' ") need to be encoded to > avoid problems in parsers? I thought that was required for well-formed > XML. For example, apostrophe (') is used for delimiting attribute values. > I do know that in our case the Xerces SAX parser threw exceptions (or just > returned errors?) if any of those 5 appeared in a value string. No ' and " are perfectly valid in the body of an XML element. An attribute value enclosed in ' can't contain ' and an attribute value enclosed in " can't contain ". You can generally get away without escaping >. The only time you really have to do it is if ]]> appears in the element body when it is not the termination part of a CDATA section. However it's lots simpler to always escape >. John Wilson The Wilson Partnership http://www.wilson.co.uk