> Neither is legal XML, both should fail. You can either escape the > content or use a CDATA block. You're of course right. Both are illegal. Somebody suggested to me that the original problem might be caused by incorrectly encoded entities (& ") and reading through the w3c spec (always a bad idea) got me confused to the extend of believing that you only had to encode character entities in attribute values; which isn't the case. Can't in fact be the case, otherwise the parser couldn't differentiate between a "normal" ampersand and the beginning of a character entity. Which brings me back to my original problem of receiving a truncated XML as an HTML post (see my previous question). This ONLY HAPPENS when there is an ampersand somewhere in the message. Could it be that CGI.params behaves differently when there is an ampersand in the request, e.g. it tries to parse the request into key/value pairs and returns a hash rather than a simple string in that case!? I think I might be on to something there.. -- Posted via http://www.ruby-forum.com/.