Escape single quote (') characters as '

[RyanGlScott]

I was surprised to discover that the escapeXml function escapes double quotes (") but not single quotes ('). Digging into the source code of tagsoup, I found this comment:

tagsoup/src/Text/HTML/TagSoup/Entity.hs

Lines 73 to 82 in 99a43e9

	-- | A table mapping XML entity names to resolved strings. All strings are a single character long.
	-- Does /not/ include @apos@ as Internet Explorer does not know about it.
	xmlEntities :: [(String, String)]
	xmlEntities = let a*b = (a,[b]) in
	["quot" * '"'
	,"amp" * '&'
	-- ,"apos" * '\'' -- Internet Explorer does not know that
	,"lt" * '<'
	,"gt" * '>'
	]

This suggests that the reason that single quotes aren't escaped is due to Internet Explorer not supporting '. But this feels a bit too conservative, since Internet Explorer does support ', as suggested here. (Credit goes to this stache pull request for that idea.)

Would you be open to escapeXml escaping single quotes as ' instead?

[ndmitchell]

Having Google'd, there doesn't seem to be a consistent set... Quite a lot do &<>, some more do &<>", others do &<>"' and some add / in there for reasons I can't fathom. I think you're right, I'd happily take a patch to make it escape ' to the numeric variant.

If this is the only function you're using in tagsoup, you may wish to consider using https://hackage.haskell.org/package/extra-1.6.9/docs/Data-List-Extra.html#v:escapeHTML instead (which also doesn't escape ', but for which I'd also happily take a patch).

[RyanGlScott]

I've opened #75 and ndmitchell/extra#38 to incorporate this fix into tagsoup and extra, respectively.