118

Is there an escape character for a double quote in xml? I want to write a tag like:

<parameter name="Quote = " ">

but if I put ", then that means string has ended. I need something like this (c++):

printf("Quote = \" ");

Is there a character to write before the double quote to escape it?

StayOnTarget
  • 11,743
  • 10
  • 52
  • 81
ufukgun
  • 6,889
  • 8
  • 33
  • 55
  • possible duplicate of [Where can I get a list of the XML document escape characters?](http://stackoverflow.com/questions/1091945/where-can-i-get-a-list-of-the-xml-document-escape-characters) –  Jul 24 '12 at 01:06
  • See this: http://stackoverflow.com/questions/1091945/xml-escape-characters – karim79 Aug 03 '09 at 13:32
  • Possible duplicate of [What characters do I need to escape in XML documents?](https://stackoverflow.com/questions/1091945/what-characters-do-i-need-to-escape-in-xml-documents) – StayOnTarget Mar 09 '18 at 12:43
  • Short answer: `"` [**Rest of the story...**](https://stackoverflow.com/a/47534409/290085) – kjhughes Aug 07 '19 at 12:20

8 Answers8

201

Try this:

&quot;
Andrew Hare
  • 344,730
  • 71
  • 640
  • 635
143

Here are the common characters which need to be escaped in XML, starting with double quotes:

  1. double quotes (") are escaped to &quot;
  2. ampersand (&) is escaped to &amp;
  3. single quotes (') are escaped to &apos;
  4. less than (<) is escaped to &lt;
  5. greater than (>) is escaped to &gt;
danjuggler
  • 1,261
  • 2
  • 21
  • 38
Alex Muriithi
  • 1,831
  • 1
  • 13
  • 11
  • 6
    Incorrect; ' is not a valid XML character. It is a valid HTML character - which is SGML and a SUPERset of XML. – Stefan Steiger Dec 08 '17 at 08:05
  • While that's a valid point, most modern XML parsers I've worked with are accepting it as valid character. – Dariusz G. Jagielski Dec 15 '17 at 02:22
  • " is not correctly interpreted by Android when the string is surrounded with double quotes. In this case E-max answer is the only one to work. – Softlion Apr 01 '18 at 06:10
  • @StefanSteiger it's on [this list](https://www.w3.org/TR/2008/REC-xml-20081126/#sec-predefined-ent) – OrangeDog Sep 05 '18 at 14:25
  • 1
    @Dariusz G. Jagielski: While I have nothing against modern XML parsers - if you work with XML in a database (e.g. ms/pg), you'll see that not every piece of software is using modern xml parsers. Especially when it's complex decades old software. That said, if everyone used a modern xml parser, it would be a good thing. However, if that code is deeply integrated in older complex software, it gets very hard to replace it (while retaining 100% backwards compatiblity). The downsides of C or of not using dependency injection, so to say. – Stefan Steiger Sep 05 '18 at 18:26
28

Others have answered in terms of how to handle the specific escaping in this case.

A broader answer is not to try to do it yourself. Use an XML API - there are plenty available for just about every modern programming platform in existence.

XML APIs will handle things like this for you automatically, making it a lot harder to go wrong. Unless you're writing an XML API yourself, you should rarely need to worry about the details like this.

Jon Skeet
  • 1,421,763
  • 867
  • 9,128
  • 9,194
  • 12
    I can't say that I agree. It seems foolish to think that we should be so reliant on API's to abstract us to the point that we don't even need to understand how to read and write XML. Tha XML API probably isn't going to help you a lot when you feed it a malformed document and it blows up. Someone is going to have to fix the data to get it to load. – Christopher Painter Apr 05 '12 at 13:05
  • @ChristopherPainter Given the size of the XML standard, I doubt that there are very many people who do actually understand it. Now there are many who think that they do, but they really don't. – Kuba hasn't forgotten Monica Aug 19 '15 at 19:37
  • 2
    Well, you got to start somewhere. Course in our industry we just complain that XML sucks and start over with something else like JSON. Then the process repeats. – Christopher Painter Aug 19 '15 at 19:40
16

New, improved answer to an old, frequently asked question...

When to escape double quote in XML

Double quote (") may appear without escaping:

  • In XML textual content:

    <NoEscapeNeeded>He said, "Don't quote me."</NoEscapeNeeded>

  • In XML attributes delimited by single quotes ('):

    <NoEscapeNeeded name='Pete "Maverick" Mitchell'/>

    Note: switching to single quotes (') also requires no escaping:

    <NoEscapeNeeded name="Pete 'Maverick' Mitchell"/>

Double quote (") must be escaped:

  • In XML attributes delimited by double quotes:

    <EscapeNeeded name="Pete &quot;Maverick&quot; Mitchell"/>

Bottom line

Double quote (") must be escaped as &quot; in XML only in very limited contexts.

kjhughes
  • 106,133
  • 27
  • 181
  • 240
7

No there isn't an escape character as such, instead you can use &quot; or even <![CDATA["]]> to represent the " character.

Matt Howells
  • 40,310
  • 20
  • 83
  • 102
7

If you just need to try something out quickly, here's a quick and dirty solution. Use single quotes for the attribute value:

<parameter name='Quote = " '>
Community
  • 1
  • 1
Brad Cupit
  • 6,530
  • 8
  • 55
  • 60
2

In C++ you can use EscapeXML ATL API. This is the correct way of handling special chars ...

Neven
  • 21
  • 1
2

You can try using the a backslash followed by a "u" and then the unicode value for the character, for example the unicode value of the double quote is

" -> U+0022

Therefore if you were setting it as part of text in XML in android it would look something like this,

<TextView
     android:layout_width="match_parent"
     android:layout_height="match_parent"
     android:text=" \u0022 Showing double quotes \u0022 "/>

This would produce a text in the TextView roughly something like this

" Showing double quotes "

You can find unicode of most symbols and characters here www.unicode-table.com/en

EAM
  • 361
  • 2
  • 5
  • You can find unicode of most symbols and characters here https://unicode-table.com/en/ – EAM Nov 12 '17 at 19:06