[英]Escaping HTML characters with UTF-8?
If my site is using UTF-8, is there any advantage/disadvantage to still escaping HTML characters? 如果我的网站使用的是UTF-8,是否仍可以转义HTML字符有什么优点/缺点? eg Using
"&
" instead of just " &
"? 例如,使用
"&
”而不是仅使用“ &
”? What's the best practice? 最佳做法是什么?
You still need to escape characters that have a special meaning in HTML, like <
, >
, &
, to avoid parser ambiguities/invalid syntax. 您仍然需要转义在HTML中具有特殊含义的字符,例如
<
, >
, &
,以避免解析器歧义/无效的语法。 That has nothing to do with the encoding. 这与编码无关。 You don't need to escape every non-ASCII character though, like "ö" to
ö
不过,您不必转义每个非ASCII字符,例如
ö
“ö” ö
, since you can natively represent them in the UTF-8 encoding. ,因为您可以使用UTF-8编码原生地表示它们。
you have to convert to entity < > & always, and " only when in a html attribute 您必须将其转换为实体<>&始终,并且仅在html属性中才能转换为
for example 例如
<a title="tell me "more"">
&
is invalid HTML (it's an unterminated entity reference). &
是无效的HTML(这是一个未终止的实体引用)。
This has nothing to do with Unicode. 这与Unicode无关。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.