$ perl
use CGI;
use URI::Escape;

my $orig = q{a9: _-;&<tag>'"};
printf "HTML escaped: %s\n", CGI->escapeHTML($orig);
printf "URL escaped:  %s\n", uri_escape($orig);
^D
HTML escaped: a9: _-;&amp;&lt;tag&gt;'&quot;
URL escaped:  a9%3A%20_-%3B%26%3Ctag%3E'%22