HTMLBuilder and <A HREF=''>yeah teah</A>

Steve Holden sholden at
Thu Mar 9 17:11:09 CET 2000

Vespe Savikko wrote:
> Also sprach Ben Skelton <skeltobc at>:
>   Adrian Eyre wrote:
>   >
>   > > b.startElement ('a', {'href': ''})
>   > >
>   > > [snip]
>   > >
>   > > <HTML><A HREF="">Press me</A></HTML>
>   > >
>   > > note the '&' in the href argument.
>   >
>   > Indeed. It's substituted for the ampersand, being illegal in an HTML
>   > document.
>   >
>   > > How can I do this properly?
>   >
>   > What do you mean by properly?
>   I want to pass arguments to the I thought the way to do this
>   was
>   via the url
>   http://server/cgi-bin/
>   ie an ampersand separated list of argument=value.
>   The idea is that when different hyperlinks are followed unique sets of
>   arguments can be passed to the script.
> Have you tried that? If your browser isn't broken it should decode the
> HTML-encoded character entities when following the link. In other
> words _in the HTML document_ the following links behave identically
> (meaning they generate identical HTTP requests):
> <a href="http://server/script?arg1=143&arg2=foo">Link</a>
> <a href="http://server/script?arg1=143&arg2=foo">Link</a>
> If I remember correctly the latter line is even more valid HTML since
> it escapes the "dangerous" & character.
>   ++Vespe
> --
>   ------------------------------------------------------------------
>        Vespe Savikko     vespe at     - to doom de doomsday -

Sadly, your link brings up


in the browser location window, which is NOT what's required.  Unless,
of course, my mail reader has somehow mangled this URL.  The browser
actually needs to see

or it will think you are trying to the CGI argument "amp;arg2" to
"foo".  I have tested this locally, using the following code (I blush
to publish VBscript in c.l.p, but it was quicker to hack an existing
test script):

#------------------------ASP Start------------------------
	<TITLE>Entity Decoding Test</TITLE>
<h3>Arg1: <%=arg1%></h3>
<h3>Arg2: <%=arg2%></h3>
<h3>Extra: <%=extra%></h3>
#------------------------ASP End------------------------

and sure enough that's what happens.  HTML encoding surely isn't
appropriate inside attribute values: it's used between tags to ensure
the browser correctly renders text which might otherwise be incorrectly
interpreted as markup, or require illegal characters in the HTML stream.

So the question remains: how to stop the startElement from HTML
entity-encoding the HREF attribute of an <A> tag.  Some kind of escape
mechanism?  Or are you suggesting that Netscape 4.7 os broken in some
fundamental way?

"If computing ever stops being fun, I'll stop doing it"

More information about the Python-list mailing list