[Edit]

HTML - characters that should be escaped

1 contributors

2 contributions

0 discussions

10 points

Created by:

Kevin

797

In this short article, we would like to count what characters should be escaped in HTML.

Quick solution:

xxxxxxxxxx
 
REPLACED ALWAYS:
​
&    should be replaced with    &amp;
<    should be replaced with    &lt;
>    should be replaced with    &gt;
​
​
REPLACED CONDITIONALLY in element attribute (depending on the case):
​
"    should be replaced with    &quot;    e.g.   <div attribute="abc &quot; abc"></div>
'    should be replaced with    &#39;     e.g.   <div attribute='abc  &#39; abc'></div>

Detailed description

Edit

Character	HTML escape code	Description
`&`	`&`	It is required to escape this character because it is used as an escape character, e.g. `<`, `>`, `"`, `'`, etc.
`<`	`<`	Opens HTML elements.
`>`	`>`	Closes HTML elements.

Additionally, inside of attribute values, it is necessary to escape the quote character:

Character HTML escape code Description

"

Needed only when " opens and closes the valve.
e.g.

xxxxxxxxxx
 
<p title="&quot;John&quot; life story ...">
    Few words about John life story...
</p>

'

Needed only when ' opens and closes the valve.
e.g.

xxxxxxxxxx
 
<a href='https://john.com' title='John&#39;s site'>
    Home
</a>

Hint: It is recommended to use " with attribute values.

Warning: use ' or ' or ' because of:

' is not supported by IE8,
' is not defined in HTML 4 (defined since HTML 5).

Practical example

Edit

xxxxxxxxxx
 
<!doctype html>
<html>
<body>
  <p title="&quot;John&quot; life story ...">Few words about John life story...</p>
  <a href='https://john.com' title='John&#39;s site'>Home</a>
  <p>Source code should be placed between &lt;code&gt; and &lt;/code&gt;.</p>
</body>
</html>