Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>If you use an appropriate class or library, they will do the escaping for you. Many XML issues are caused by string concatenation.</p> <h1>XML escape characters</h1> <p>There are only five:</p> <pre><code>" &amp;quot; ' &amp;apos; &lt; &amp;lt; &gt; &amp;gt; &amp; &amp;amp; </code></pre> <p>Escaping characters depends on where the special character is used. </p> <p>The examples can be validated at <a href="https://validator.w3.org/#validate_by_input" rel="noreferrer">W3C Markup Validation Service</a>.</p> <h2>Text</h2> <p>The safe way is to escape all five characters in text, however, the three characters <code>"</code>, <code>'</code> and <code>&gt;</code> needn't be escaped in text:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;valid&gt;"'&gt;&lt;/valid&gt; </code></pre> <h2>Attributes</h2> <p>The safe way is to escape all five characters in attributes, however, the <code>&gt;</code> character needn't be escaped in attributes:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;valid attribute="&gt;"/&gt; </code></pre> <p>The <code>'</code> character needn't be escaped in attributes if the quotes are <code>"</code>:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;valid attribute="'"/&gt; </code></pre> <p>Likewise, the <code>"</code> needn't be escaped in attributes if the quotes are <code>'</code>:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;valid attribute='"'/&gt; </code></pre> <h2>Comments</h2> <p>All 5 special characters <strong>must not</strong> be escaped in comments:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;valid&gt; &lt;!-- "'&lt;&gt;&amp; --&gt; &lt;/valid&gt; </code></pre> <h2>CDATA</h2> <p>All 5 special characters <strong>must not</strong> be escaped in <a href="https://en.wikipedia.org/wiki/CDATA" rel="noreferrer">CDATA</a> sections:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;valid&gt; &lt;![CDATA["'&lt;&gt;&amp;]]&gt; &lt;/valid&gt; </code></pre> <h2>Processing instructions</h2> <p>All 5 special characters <strong>must not</strong> be escaped in XML processing instructions:</p> <pre><code>&lt;?xml version="1.0"?&gt; &lt;?process &lt;"'&amp;&gt; ?&gt; &lt;valid/&gt; </code></pre> <h1>XML vs. HTML</h1> <p>HTML has <a href="http://www.escapecodes.info/" rel="noreferrer">its own set of escape codes</a> which cover a lot more characters.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload