What characters do I need to escape in XML documents

Question

What characters must be escaped in XML documents  or where could I find such a list

User · Answer

Perhaps this will help   List of XML and HTML character entity references      In SGML  HTML and XML documents  the   logical constructs known as character   data and attribute values consist of   sequences of characters  in which each   character can manifest directly    representing itself   or can be   represented by a series of characters   called a character reference  of which   there are two types  a numeric   character reference and a character   entity reference  This article lists   the character entity references that   are valid in HTML and XML documents    That article lists the following five predefined XML entities   quot    amp    amp  apos    lt     lt  gt     gt

User · Answer

It depends on the context  For the content  it is  lt  and  amp   and      though a string of three instead of one character    For attribute values  it is  lt    amp      and     For CDATA  it is

User · Answer

In addition to the commonly known five characters   lt       amp      and     I would also escape the vertical tab character  0x0B   It is valid UTF-8  but not valid XML 1 0  and even many libraries  including the highly portable  ANSI C  library libxml2  miss it and silently output invalid XML

User · Answer

New  simplified answer to an old  commonly asked question     Simplified XML Escaping  prioritized  100  complete    Always  90  important to remember    Escape  lt  as  amp lt  unless  lt  is starting a  lt tag  gt   Escape  amp  as  amp amp  unless  amp  is starting an  amp entity    Attribute Values  9  important to remember    attr    Single quotes  are ok within double quotes   attr    Double quotes  are ok within single quotes   Escape   as  amp quot  and   as  amp apos  otherwise   Comments  CDATA  and Processing Instructions  0 9  important to remember     lt  -- Within comments -- gt  nothing has to be escaped but no -- strings are allowed    lt   CDATA  Within CDATA    gt  nothing has to be escaped  but no    gt  strings are allowed   lt  PITarget Within PIs   gt  nothing has to be escaped  but no   gt  strings are allowed   Esoterica  0 1  important to remember    Escape    gt  as    amp gt  unless    gt  is ending a CDATA section    This rule applies to character data in general  ndash  even outside a CDATA section

User · Answer

The accepted answer is not correct  Best is to use a library for escaping xml  As mentioned in this other question  quot Basically  the control characters and characters out of the Unicode ranges are not allowed  This means also that calling for example the character entity  is forbidden  quot  If you only escape the five characters  You can have problems like An invalid XML character  Unicode  0xc  was found

User · Answer

Abridged from  XML  Escaping  There are five predefined entities    amp lt  represents   lt    amp gt  represents   gt    amp amp  represents   amp    amp apos  represents    amp quot  represents      All permitted Unicode characters may be represented with a numeric character reference   For example    amp  20013    Most of the control characters and other Unicode ranges are specifically excluded  meaning  I think  they can t occur either escaped or direct   Valid characters in XML

User · Answer

Escaping characters is different for tags and attributes     For tags     lt   amp lt    gt   amp gt   only for compatibility  read below    amp   amp amp    For attributes      amp quot     amp apos    From Character Data and Markup      The ampersand character   amp   and the left angle bracket   lt   must not   appear in their literal form  except when used as markup delimiters    or within a comment  a processing instruction  or a CDATA section  If   they are needed elsewhere  they must be escaped using either numeric   character references or the strings    amp amp    and    amp lt      respectively  The right angle bracket     may be represented using the   string    amp gt     and must  for compatibility  be escaped using either      amp gt    or a character reference when it appears in the string           in content  when that string is not marking the end of a CDATA   section       To allow attribute values to contain both single and double quotes    the apostrophe or single-quote character     may be represented as      amp apos     and the double-quote character     as    amp quot

User · Answer

If you use an appropriate class or library  they will do the escaping for you  Many XML issues are caused by string concatenation   XML escape characters  There are only five        amp quot       amp apos   lt     amp lt   gt     amp gt   amp     amp amp    Escaping characters depends on where the special character is used   The examples can be validated at the W3C Markup Validation Service   Text  The safe way is to escape all five characters in text  However  the three characters      and  gt  needn t be escaped in text    lt  xml version  1 0   gt   lt valid gt    gt  lt  valid gt    Attributes  The safe way is to escape all five characters in attributes  However  the  gt  character needn t be escaped in attributes    lt  xml version  1 0   gt   lt valid attribute   gt    gt    The   character needn t be escaped in attributes if the quotes are      lt  xml version  1 0   gt   lt valid attribute      gt    Likewise  the   needn t be escaped in attributes if the quotes are      lt  xml version  1 0   gt   lt valid attribute      gt    Comments  All five special characters must not be escaped in comments    lt  xml version  1 0   gt   lt valid gt   lt  --    lt  gt  amp  -- gt   lt  valid gt    CDATA  All five special characters must not be escaped in CDATA sections    lt  xml version  1 0   gt   lt valid gt   lt   CDATA    lt  gt  amp    gt   lt  valid gt    Processing instructions  All five special characters must not be escaped in XML processing instructions    lt  xml version  1 0   gt   lt  process  lt    amp  gt    gt   lt valid  gt    XML vs  HTML  HTML has its own set of escape codes which cover a lot more characters

User · Answer

Only  lt  and  amp  are required to be escaped if they are to be treated character data and not markup   2 4 Character Data and Markup

User · Answer

According to the specifications of the World Wide Web Consortium  w3C   there are 5 characters that must not appear in their literal form in an XML document  except when used as markup delimiters or within a comment  a processing instruction  or a CDATA section  In all the other cases  these characters must be replaced either using the corresponding entity or the numeric reference according to the following table   Original CharacterXML entity replacementXML numeric replacement  lt  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp lt   nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp  60  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp    nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp gt   nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp  62  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp    nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp quot   nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp  34  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp   amp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp amp   nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp  38  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp    nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp apos   nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  amp  39  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp  nbsp   Notice that the aforementioned entities can be used also in HTML  with the exception of  amp apos   that was introduced with XHTML 1 0 and is not declared in HTML 4  For this reason  and to ensure retro-compatibility  the XHTML specification recommends the use of  amp  39  instead

[xml] What characters do I need to escape in XML documents?

Examples related to xml

Examples related to escaping

Examples related to character