Re: Re: Re: HTML printing

With great respect and appreciation for Randal... and not a little trepidation, let me quote two bits of tested perl code that each print '&' into an HTML page without making use of the '&amp' entity.

The first example prints the '&' as displayed, plain text.
The second example prints the '&' inside an HTML tag:

   print "Let's show a query string: ?key1=one&key2=two\n";
   print "<a href='$my_url?key1=one&key2=two'>Click here</a>\n";
[download]

The HTML '&amp' entity does have its use. A prime example of which is the fact that I had to type '&amp' to get the third word in the previous sentence to appear correctly!

Update: This is bad advice!! Read the next post for the correction. (This post left in place so that Randal's next post will make sense.)

Comment on Re: Re: Re: HTML printing Download Code

Replies are listed 'Best First'.
Re: Re: Re: Re: HTML printing by merlyn (Sage) on Feb 17, 2001 at 10:01 UTC
Both of those generate invalid HTML when displayed in a browser, which a browser must error correct to understand that "&key2" is not an entity. Try your experiment with "key2" replaced with "copy" and you'll get copyright symbols all over the place. I stand by my first statement. Dumping HTML to the browser, whether in the body of the text, or in the parameter of a tag, must be properly entity-escaped, and if not, you are relying on the error-correction behavior of the browser to correct for your avoidable failure. Please don't, and please don't tell others to copy your mistake. -- Randal L. Schwartz, Perl hacker	[reply]
Mea Culpa!! by dvergin (Monsignor) on Feb 17, 2001 at 10:14 UTC
Thanks, Randal. Yes, of course you are right. I would have done better to put my post in the form of a question. (E.g. "but this seems to work, please explain... etc. etc.") And your explanation makes clear why I have gotten away with this with known keys that happened not to be any of the 100 or so named HTML entities. The fact that my suggestion works much of the time makes it all the more dangerous -- since it will lead to complacency and a rude awakening down the line. I did say "considerable trepidation". Perhaps there is solice in the thought that this exchange will be instructive to others. <brave grin>	[reply]