[Bug 9207] Anything else: This part of the spec is problematic, for example, a query string variable &lang_id=1 in as part of an attribute of say an img tag, will get converted into an character token when it shouldn't be. Why is the set of characters a-z, A-Z, 0- from bugzilla@wiggum.w3.org on 2010-03-08 (public-html-bugzilla@w3.org from March 2010)

From: <bugzilla@wiggum.w3.org>
Date: Mon, 08 Mar 2010 01:28:59 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1NoRmF-0005P6-73@wiggum.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=9207


Jeff <mirthy@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mirthy@gmail.com




--- Comment #1 from Jeff <mirthy@gmail.com>  2010-03-08 01:28:58 ---
Discovered as part of a webkit bug that uses an HTML5 spec tokenizer:
https://bugs.webkit.org/show_bug.cgi?id=35831

Examples where the tokenizer will mangle the URL:
<img src="http://www.webkit.org/getImage.aspx?id=12345&lang_id=1"/>
&amp_energy=100
&lt-now=10


(In reply to comment #0)
> Section:
> http://www.whatwg.org/specs/web-apps/current-work/#tokenizing-character-references
> 
> Comment:
> Anything else:  This part of the spec is problematic, for example, a query
> string variable &lang_id=1 in as part of an attribute of say an img tag, will
> get converted into an character token when it shouldn't be.  Why is the set of
> characters a-z, A-Z, 0-9?  This poses a unique problem for any entities that
> aren't closed properly.
> 
> Posted from: 146.115.114.89
> 


-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Monday, 8 March 2010 01:29:00 UTC