Currently the manual youtube uses only “&”, although & amp; work, I prefer to keep the rules laid down by Google.
However, in the next version will insert a filter, so you will be able to escape parameters using a filter in functions.php
Thread Starter
cpag
(@cpag)
Here is the documentation : https://developers.google.com/youtube/iframe_api_reference#Loading_a_Video_Player .
They just forgot to escape. All HTML attributes must be escaped, the right way is the standard from W3C. Try to validate a page with your plugin : http://validator.w3.org/ . Your plugin makes invalid Web pages.
Added option w3c on widget and shortcode in the v0.6
Thread Starter
cpag
(@cpag)
Thanks.
But you know, after the HTML code is parsed by the browser, all invalid “&” are fixed and the JavaScript code from Youtube can’t see any difference. This option shouldn’t be an option. Really, it is just a best practice to respect the standard.
For example, this code displays the same URL twice:
<!doctype html>
<html><body>
<iframe id="player1" type="text/html" width="640" height="390"
src="http://www.youtube.com/embed/M7lc1UVf-VE?enablejsapi=1&origin=http://example.com"
frameborder="0"></iframe>
<iframe id="player2" type="text/html" width="640" height="390"
src="http://www.youtube.com/embed/M7lc1UVf-VE?enablejsapi=1& amp;origin=http://example.com"
frameborder="0"></iframe>
<script>
var p1 = document.getElementById('player1');
var p2 = document.getElementById('player2');
alert(p1.getAttribute('src') + "\n\n" + p2.getAttribute('src'));
</script>
But OK thank you for the option.
