<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=US-ASCII">
<META content="MSHTML 6.00.2800.1476" name=GENERATOR></HEAD>
<BODY id=role_body style="FONT-SIZE: 10pt; COLOR: #000000; FONT-FAMILY: Arial"
bottomMargin=7 leftMargin=7 topMargin=7 rightMargin=7><FONT id=role_document
face=Arial color=#000000 size=2>
<DIV>Hello,</DIV>
<DIV> </DIV>
<DIV>Please, may I ask two similar questions? No doubt they are
silly; but I've looked for the answer in books, in the docs, in clp, and here,
and had no luck. </DIV>
<DIV> </DIV>
<DIV>1) What is the canonical way to escape the quotes inside of an
attribute? I have a cgi script, and may be getting things from users
that I want to stuff inside of the attributes. That is, I have code
like this: </DIV>
<DIV> favoriteFood=fs.getfirst('favoriteFood') # fs is a
cgi.FieldStorage structure</DIV>
<DIV> attrDct={'favoriteFood':favoriteFood}</DIV>
<DIV>and I'm afraid I'll get "Mama's" for an answer, giving me XML
like</DIV>
<DIV> <choice favoriteFood='Mama's' /></DIV>
<DIV>(likewise, "Ben & Jerry's" gives me worries) I've cast about
for what I thought were likely names, but didn't find any
. </DIV>
<DIV> </DIV>
<DIV>2) Similarly, in XHTML, in an href, is there some obvious function that I
somehow overlooked to quote the ampersands? </DIV>
<DIV> </DIV>
<DIV>Possibly both have the same answer?</DIV>
<DIV> </DIV>
<DIV>I can do a substitution by hand of course, but I'm trying to learn the best
practices, and also I conceive that one of the points of a library to
give me peace of mind that its taken care of obscure cases that I might not
understand.</DIV>
<DIV> </DIV>
<DIV>Thanks in advance,</DIV>
<DIV>Jim Hefferon </DIV></FONT></BODY></HTML>