Home Download Buy Blog Forum Support

Character usage

Character usage

Postby djb1796 on Sun Sep 16, 2012 5:34 pm

Hi,

Complete beginner question.. when coding html stating UTF-8 encoding what is the best practise for inputting special characters?

For example.. I know html names are there for some character such as ampersand.. & etc. but others such as commas and brackets only have a numeric code.. , etc.

Most browsers I've tried seem to display the characters as intended but for the best compatibility do you need to / should you write the numeric or html name rather than just typing the character itself?

If this is the case what's the best plugin currently for auto formatting these numeric codes?

Thanks in advance!
djb1796
 
Posts: 3
Joined: Sun Sep 16, 2012 5:25 pm

Re: Character usage

Postby tito on Mon Sep 17, 2012 12:34 am

when coding html stating UTF-8 encoding what is the best practise for inputting special characters?


Just type the characters.

You may use the following: (in reverse order)

& → & (ampersand, U+0026)
&lt; → < (less-than sign, U+003C)
&gt; → > (greater-than sign, U+003E)
&quot; → " (quotation mark, U+0022)
&apos; → ' (apostrophe, U+0027)

to prevent code injections, Imagine this forum evaluating something like this:
<script>alert(document.cookie)</script>
also you use theses to get a valid XML, example <a href="http://d.tld/file?some=true&amp;else=false">...
Give APIs, let the community build the rest!
https://github.com/titoBouzout
tito
 
Posts: 864
Joined: Thu Sep 29, 2011 2:27 pm
Location: Montevideo, Uruguay

Re: Character usage

Postby djb1796 on Thu Sep 20, 2012 9:40 am

Hi, thanks for the reply.

So, just to confirm... are you saying that for anything like a comma, semi-colon or question mark (non-letter characters that aren't on the list you gave -including ampersand) you can just type it in the html and all browsers will recognise them and display them correctly provided that you state UTF-8?

And secondly, the list of characters you gave including ampersand have 'special' codes which should be used so that the server or browser don't mis-interpret them as commands?

Cheers
djb1796
 
Posts: 3
Joined: Sun Sep 16, 2012 5:25 pm

Re: Character usage

Postby tito on Thu Sep 20, 2012 1:57 pm

The browser will recognise them if:
1 - the document is written in UTF8 encoding
2 - the document is served(response headers) to the browser with the encoding UTF8 [1] [2]
3 - the document have the <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

The browser will maybe display "squares", maybe with codes in it (firefox), if you don't have the required fonts to display these correctly. Found some maybe at the bottom of this page: http://www.wikipedia.org/
The browser will display mojibake when fails to render these correctly because of an encoding issue.

You just type every character you need (letters and non-letters), and when typing &, <, >, ", ' just type &amp;, &lt, &gt;, &quot;, &apos; instead.

&quot;, &apos; is usefull in case like this one:
<a href="<?php echo $url?>"></a>
<a href='<?php echo $url?>'></a>
which can be translated as:
<a href="http://d.tld" onclick="hack()"></a>
<a href='http://d.tld' onclick='hack()'></a>

...........
Give APIs, let the community build the rest!
https://github.com/titoBouzout
tito
 
Posts: 864
Joined: Thu Sep 29, 2011 2:27 pm
Location: Montevideo, Uruguay

Re: Character usage

Postby djb1796 on Thu Sep 20, 2012 2:41 pm

Brilliant, thank you tito - it's much clearer now.
djb1796
 
Posts: 3
Joined: Sun Sep 16, 2012 5:25 pm


Return to General Discussion

Who is online

Users browsing this forum: Exabot [Bot], Google [Bot] and 32 guests