>I have a db table that contains the validation xpath expression. When I read the table the XML is fine.
Sorry, you haven't explained that very well. You've got an XPath expression in a database table. So where does the XML come into it? Is it really an XPath expression in an XML document in a database table?
>When I use xpath to retrieve the validation text
I guess if you're using XPath to retrieve the string, then the string must be in an XML document. Which means you must have parsed the XML document. And converting " to " is one of the things that XML parsers do, for very good reasons.
>and store it in a variable so I can use it in WHEN clause, the xpath validation value no longer contains the escaped expressions but "'" or '"'.
Well, so it should. If you look in the XPath grammar, you won't find any mention of " or '. An XPath parser expects to see these written as " and '.
>So my xslt fails.
I don't think that's why it failed. How were you using the XPath expression contained in your variable? The only way to do this is using an extension such as dyn:evaluate(), and that certainly would not expect special characters to be escaped using XML conventions.
Author, XSLT 2.0 and XPath 2.0 Programmer's Reference