This appears to be part of the spec.: http://wiki.opensocial.org/index.php?title=Opensocial.EscapeType_(v0.9) It should be passed by a gadget as either 'none' or 'htmlEscape'. The default is htmlEscape. Currently Shindig (PHP version) is not html escaping the output for people data for us. I also can't see how to set this in the JSON-RPC request fields. Can anyone advise? Thanks Justin
