Hello all, A proposed change to blaze-html came up. In order to make the best decision, I'd like to ask the advice of this list. Currently, the blaze-html library escapes a single quote (') to '. John MacFarlane brought up [1] the fact that this character doesn't need to be excaped in theory. This would have two advantages: - Easier readable output - Saves a few bytes, hence, faster Why doesn't blaze-html need to escape (')? According to the standards, (') only needs to be escaped when it appears inside an attribute value, because something like: a ! href "'content..." could be rendered to https://github.com/jaspervdj/blaze-html/pull/48 [2]: https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Ch... Cheers, Jasper