HTML Guide for square bracket

Bad value X for attribute “src” on element “iframe”: Illegal character in query: “[” is not allowed.

iframe
src
encoding
square bracket

The src attribute contains square brackets ([ or ]) in the URL’s query string, which are not permitted in valid HTML URLs.

According to the HTML standard, attribute values such as URLs must conform to valid URI syntax. Unencoded square brackets are reserved characters in URI syntax and must be percent-encoded. Specifically, [ should be replaced with %5B and ] with %5D. This ensures the URL is correctly interpreted by browsers and validators. For example, a URL parameter like sort=[asc] should be coded as sort=%5Basc%5D.

Correct HTML Example:

<iframe src="/page?time=%5Btimestamp%5D"></iframe>

Always encode reserved characters in URLs when using them in HTML attribute values to ensure W3C compliance.