OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Postel's law, exceptions

[ Lists Home | Date Index | Thread Index ]

At 9:36 PM -0500 1/13/04, Michael Champion wrote:
sending it to a parser.  Maybe a subtle difference, but it really 
feels very different to me to sniff for encoding errors and declare 
the HTML entities before parsing than to do the kind of thing that 
could change the meaning of the text (as in Tim Bray's example).

Hmm, smells like a security hole to me. I could certainly create a 
well-formed RSS feed in which the HTML entities did not have their 
usual replacement text. Some clients would see one message. Others 
would see another. You might be able to manipulate this to get a 
party to agree to something other than what they thought they were 
agreeing too. If Atom/RSS is going to be XML, it needs to be XML, 
draconian error handling and all. No compromises.
-- 

   Elliotte Rusty Harold
   elharo@metalab.unc.edu
   Effective XML (Addison-Wesley, 2003)
   http://www.cafeconleche.org/books/effectivexml
   http://www.amazon.com/exec/obidos/ISBN%3D0321150406/ref%3Dnosim/cafeaulaitA




 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS