- From: Maciej Stachowiak <mjs@apple.com>
- Date: Wed, 28 Dec 2005 04:00:16 -0700
- To: www-svg@w3c.org
"2. IRIREFs instead of IDREFs: the observer, handler and target attributes from XML Events are currently IDREFs. Since SVG 1.2 requires a declarative syntax for event handling in more than one document, it uses IRIREFs for those attributes, with the following restriction: only documents that are declaratively referenced as part of the current document, via the use and animation elements, can be referred to. Referring to any other arbitrary external document is unsupported and User Agents must ignore such references." Declarative attachment of event handlers to external documents is a potential security risk if it is allowed on documents that come from different domains. It also seems to add significant complexity. I suggest removing this capability. It can still be done through scripting, and the proper security model will be applied. Also it seems inappropriate to take attributes and elements from namespaces defined by other specs and change their meaning. What if a UA wants to implement both XML Events as specified and SVG 1.2 Tiny? Therefore, if the changed meaning of these attributes is kept, they should be either renamed or put in another namespace. Finally, "handler" takes a URI, not an IDREF, in XML Events. Regards, Maciej
Received on Wednesday, 28 December 2005 11:00:47 UTC