Academy HTB - XSS Module theorical questions

Hello everyone,
I just ended the XSS module spending several hours on it due to some misunderstanding.

During my experience, could you please explain me why:

  • in Session Hijacking section, if I give a look on page source, I see that the <input> arguments like name, placeholder… have the single quotes among the value inside, for example:
    <input name='username' placeholder='Username' type='text'>
    but when you must inject the code, it works if you start the injection with a double quotes "> and does not work with a single quote '>. Why? Looking the page source should not be more correct with '> since the values of the arguments above are between single quotes?
  • Why if I start a PHP server on port 8081 my injection does not work while if I start on port 8080 it works?

Thank you in advance