
Remember & as well.

Inside an attribute value: use single or double quotes, then escape ampersand (&) and the other type of quote (" or ').

In a text value: all you need to escape are less than (<) and ampersand (&).

In any other location: … why are you doing this? (<>"'& is enough to cover everything, but you probably shouldn’t be doing this in the first place.)
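The context-specific rules from the comment above, sketched in JavaScript as an added example that is not part of the original comment. The function names and sample strings are hypothetical, and the attribute escaper replaces the quote character that delimits the value.

```javascript
// Text content: only & and < need escaping. & is replaced first so the
// entity produced for < is not escaped a second time.
function escapeText(s) {
  return String(s).replace(/&/g, "&amp;").replace(/</g, "&lt;");
}

// Quoted attribute value: escape & and the quote character that
// delimits the value. Unquoted attributes are refused outright.
function escapeAttr(s, quote = '"') {
  if (quote !== '"' && quote !== "'") {
    throw new Error("attribute values must be quoted with \" or '");
  }
  const entity = quote === '"' ? "&quot;" : "&#39;";
  return String(s).replace(/&/g, "&amp;").split(quote).join(entity);
}

// Catch-all for any other location: escape all five of <>"'&.
function escapeAll(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Both contexts in one element: a double-quoted attribute and a text node.
// This covers markup escaping only; it does not validate the URL scheme.
function renderLink(href, label) {
  return '<a href="' + escapeAttr(href, '"') + '">' + escapeText(label) + "</a>";
}

// Constructed sample input.
const sampleHref = 'https://example.test/?a=1&b="x"';
const sampleLabel = "Tom & Jerry <b>";
console.log(renderLink(sampleHref, sampleLabel));
```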


