W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

Re: PROPOSAL: i74: Encoding for non-ASCII headers

From: Frank Ellermann <nobody@xyzzy.claranet.de>
Date: Tue, 25 Mar 2008 18:52:02 +0100
To: ietf-http-wg@w3.org
Message-ID: <fsbdvc$tt6$1@ger.gmane.org>

Julian Reschke wrote:
> There are characters allowed in HTTP headers that need to be
> escaped both in HTML and XML, such as "<".

For symmetry you'd also protect ">", and of course "&" when it
doesn't introduce a hex. NCR.  At the end you can keep a hex.
NCR "as is" for the purpose of "displaying" it by insertion in
a dummy <title></title><pre> header </pre> HTML file.

Works like a charme for transformations of BCP 47 registries
to XML, admittedly that has the advantage of not using raw &
characters, any & always starts a hex. NCR, for examples see
<http://xyzzy.webhp.info/home/ltru/ltru2xml.awk> (script)
<http://xyzzy.webhp.info/home/ltru/ltru801.xml>  (output)

> Could you please provide an example?

See above.  I can't say why you mentioned &amp;#x26; output as
example for &#x26; input, it has nothing to do with displaying
hex. NCRs "as is".  But of course it is possible to do this, 
like it's possible to protect input \u'0026' by say \\u'0026' 
& => &amp; or & => &#26; is the same idea as \ => \\

Received on Tuesday, 25 March 2008 17:50:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:45 UTC