OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Some comments on the 1.1 draft

[ Lists Home | Date Index | Thread Index ]

On Wed, Dec 19, 2001 at 11:33:15PM +0000, Richard Tobin wrote:
> >but it seemed to me logical that character refs would be a good way to
> >escape characters not otherwise allowed in text ... I'm sure there is a good
> >reason why this isn't allowed -- I mean it does let me stuff an < into an
> >attribute, so what is the huge difference between that and � ? Oh well,
> Nul is a particularly special case.  Parsers generally replace
> character references with the referenced character, and allowing nul
> in the data returned to the application makes it impossible to use a C
> string.  If nul had been in from the start that would have merely been
> tedious, but to break existing parser interfaces is much worse.

  Concrete example, libxml API are based on 0 terminated C string. Allowing
NUL would force a complete redesign of the APIs, and break all the applications
using the XML Gnome library. If NUL goes in, libxml will not be made compliant
to 1.1 . Adding NUL breaks heavilly the assumptions made when designing the
library, the APIs and the apps relying on it. I would then be faced to the
dilemna of not implementing fully 1.1 or not at all, and for purity may
select to not upgrade the libraries to implement 1.1 .
  To me adding NUL is a threat to actually get 1.1 implemented and deployed,
people may perfer rejecting 1.1 documents than risking having application 
misbehaving on NUL even if the parser can handle it correctly. Sounds a
really interesting way to generate a bunch of Denial of Service attacks on
XML based internet services, I would leave that to the proponents of this


Daniel Veillard      | Red Hat Network https://rhn.redhat.com/
veillard@redhat.com  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS