In Appendix D of the Serialization 3.1 specification (also 3.0), input/@value is listed as a URI attribute subject to %HH escaping. However, this attribute does not typically contain a URI, it is not listed in the HTML DTD as being of type %uri, and if it is sent to the browser in %-escaped form, it will not be unescaped prior to display.
See https://github.com/w3c/qtspecs/issues/21