- From: Richard A. O'Keefe <ok@atlas.otago.ac.nz>
- Date: Fri, 25 Aug 2000 15:19:57 +1200 (NZST)
- To: chris@webarchitects.co.uk, html-tidy@w3.org
If you use SSI in form elements like this:
<input type="text" name="referer"
value="<!--#echo var="HTTP_REFERER"-->" />
From the /> at the end, I see this is XHTML.
Looking in the XML 1.0 spec (actually the latest revised draft),
we find in section 2.3 that
[10] AttValue ::= '"' ([^<&"] | Reference)* '"'
| "'" ([^<&'] | Reference)* "'"
That is, within an attribute value,
ampersand is reserved for introducing character/entity references,
the quotation mark you started with is forbidden, and
THE LESS THAN SIGN IS NOT AT ALL ALLOWED.
I don't really see the point in this restriction. After all, we're
talking about the inside of a string, and there is nothing else that
less than could mean there. Perhaps it was precisely so that people
*could* write stuff like this.
What's more, if we look at it, what we see is
[value] [=] ["<!--#echo var="] [HTTP_REFERER] ["-->"]
which would not be syntactically legal XHTML even if XML *did*
allow less than signs inside attribute values, because it would
be two attribute bindings, one of them missing an equal sign.
Would it be possible to change this to
value='<!--#echo var="#HTTP_REFERER"-->'
where the quotation marks are different?
Received on Thursday, 24 August 2000 23:20:11 UTC