It seems like OutputXML just writes the plain string when writing attribute values.
It should probably call xml.EscapeText on it before writing. Quotes are most certainly disallowed in attributes, and some badly written parser might even hang when < or > are used.
It seems like
OutputXMLjust writes the plain string when writing attribute values. It should probably callxml.EscapeTexton it before writing. Quotes are most certainly disallowed in attributes, and some badly written parser might even hang when<or>are used.