I have been using slim, and suddenly noticed that it escapes everything by default. So the anchor tag looks something like this:
<a href="/users/lyann/followers">
<img class="user-image" src="http://adasdasdasd.cloudfront.net/users&# 47;2011/05/24/4asdasd/asdasd.jpg" />
Is it okay for the href and src attributes to be escaped like this? Are there any other implications? All browsers seems to render it without a problem, though.
Yes, it's perfectly fine. Character references are valid inside attributes, too, and will be treated as character references just the same.
For reference, see:
- A description of character references (they may be found within text)
- A description of text
来源:https://stackoverflow.com/questions/12444605/is-it-okay-to-use-html-entities-in-attributes