Dumb question… does anyone know if the following XML construct is technically legal?

<a title="<![CDATA[lame <i>test</i>]]>" href="http://www.debian.org/">blah</a>

PyExpat barfs on it, as does Mozilla’s XML parser, and I suspect they’re right to do so, but I can’t find anything in the XML specification that says, definitively, whether or not CDATA declarations are allowed in attributes. (If this is incorrect XML, Movable Type 2.661 generates invalid RDF/XML and my trackback discovery code isn’t busted.)

First it was Movable Type doing it… now, WordPress generates differently but equally-broken XML for its inline trackback RDF discovery. Here’s an example:

<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">
<rdf:Description
    rdf:about="http://xrlq.com/archives/2004/04/30/1475/hat-of-the-day-chip-frederick/"
    dc:identifier="http://xrlq.com/archives/2004/04/30/1475/hat-of-the-day-chip-frederick/"
    dc:title="\'Hat of the Day:  Chip Frederick"
    trackback:ping="http://xrlq.com/wp-trackback.php/1475" />
</rdf:RDF>

Backslashes don’t escape anything in XML…

Update: Per the trackback below, WordPress fixed it! So, the current score is: WP 1, MT 0. (So, my message to all you WordPress bloggers over there on the sidebar: get thee to an update.)