Issue 25239: HTMLParser handle_starttag replaces entity references in attribute value even without semicolon (original) (raw)

This seems indeed to be a bug. The relevant bit seems to be at http://www.w3.org/TR/html5/syntax.html#consume-a-character-reference :

""" If the character reference is being consumed as part of an attribute, and the last character matched is not a ";" (U+003B) character, and the next character is either a "=" (U+003D) character or an alphanumeric ASCII character, then, for historical reasons, all the characters that were matched after the U+0026 AMPERSAND character (&) must be unconsumed, and nothing is returned. However, if this next character is in fact a "=" (U+003D) character, then this is a parse error, because some legacy user agents will misinterpret the markup in those cases. """

Off the top of my head, this paragraph is not implemented in HTMLParser (and it should). Also note that foo is not valid HTML and the & should have been escaped with &.