Now, the reason this was the one exception is that most browsers handle invalid HTML entities by displaying them literally. So, entering "XML & Perl" for a node title would result in something that looked fine. So uses of & to mean "&" were silently succeeding due to browsers being forgiving and there was no pressure to "fix" anything.

I would like to point out that browsers displaying "XML & Perl" when encountering "XML & Perl" in an HTML document are actually doing the right thing. Let's not forget that HTML is an SGML application, and not an XML one. And SGML is to XML as Perl is to Python: it doesn't impose artificial rules on the author (programmer) just to make parsing easier. A lone & is just fine in HTML.

From RFC1866:

An ampersand is only recognized as markup when it is followed by a letter or a `#' and a digit.

(Yes, I know the status of RFC1866 is "Historic", but this refers to SGML (ISO 8879:1986), a standard that hasn't been withdrawn).

Abigail