fix: Escape '<' and '>' when serializing attribute values (#697)

There was an update to the HTML Standard (whatwg/html@e21bd3b) to mandate escaping of '<' and '>' in attribute values.

This commit updates the attribute serialization logic to comply with the current specification.

Author: pizzacat83

html5ever/src/serialize/mod.rs

@@ -107,8 +107,8 @@ impl<Wr: Write> HtmlSerializer<Wr> {
                 '&' => self.writer.write_all(b"&amp;"),
                 '\u{00A0}' => self.writer.write_all(b"&nbsp;"),
                 '"' if attr_mode => self.writer.write_all(b"&quot;"),
-                '<' if !attr_mode => self.writer.write_all(b"&lt;"),
-                '>' if !attr_mode => self.writer.write_all(b"&gt;"),
+                '<' => self.writer.write_all(b"&lt;"),
+                '>' => self.writer.write_all(b"&gt;"),
                 c => self.writer.write_fmt(format_args!("{c}")),
             }?;
         }

rcdom/tests/html-serializer.rs

@@ -140,7 +140,11 @@ test!(
     r#"<p><i>Hello!</i></p><i>, World!</i>"#
 );
 
-test!(attr_literal, r#"<base foo="<'>">"#);
+test!(
+    attr_literal,
+    r#"<base foo="<'>">"#,
+    r#"<base foo="&lt;'&gt;">"#
+);
 test!(attr_escape_amp, r#"<base foo="&amp;">"#);
 test!(
     attr_escape_amp_2,