HTML entities which are contained in an SSI set directive aren't resolved by the SSI filter (in contrary to what is done by mod_include of Apaches HTTP). mod_include resolves all HTML entities in most of the attribute values of ssi directives. It also resolves \" to " and \$ to $. The ssi filter of tomcat resolves all escaped character which are escaped with a backslash, but no HTML entities at all. Apart from that, giving encoding "entity" should be different from giving encoding="none" to the SSI echo directive. One should replace all invalid HTML characters by valid HTML entities and the other one should do nothing. The encoding is especially important if you wan't to store a HTML-Comment within a SSI variable. If I want to store a variable test with the value "<!-- testvalue "x" -->" <!--#set var="test" value="<!-- testvalue "x" -->"--> for mod_include you must write: <!--#set var="test" value="<!-- testvalue \"x\" -->" --> for Tomcats SSI you must write: <!--#set var="test" value="<!\-\- testvalue \"x\" \-\->" --> And there should be a difference whether I output this variable with <!--#echo var="test" encoding="none" --> which should lead to <!-- testvalue "x" -->, or <!--#echo var="test" encoding="entity" --> which should lead to <!-- testvalue "x" -->
This has been fixed in trunk and proposed for 6.0.x.
The patch has been applied to 6.0.x and will be in 6.0.17 onwards.