- From: Richard A. O'Keefe <ok@atlas.otago.ac.nz>
- Date: Fri, 25 Aug 2000 15:19:57 +1200 (NZST)
- To: chris@webarchitects.co.uk, html-tidy@w3.org
If you use SSI in form elements like this: <input type="text" name="referer" value="<!--#echo var="HTTP_REFERER"-->" /> From the /> at the end, I see this is XHTML. Looking in the XML 1.0 spec (actually the latest revised draft), we find in section 2.3 that [10] AttValue ::= '"' ([^<&"] | Reference)* '"' | "'" ([^<&'] | Reference)* "'" That is, within an attribute value, ampersand is reserved for introducing character/entity references, the quotation mark you started with is forbidden, and THE LESS THAN SIGN IS NOT AT ALL ALLOWED. I don't really see the point in this restriction. After all, we're talking about the inside of a string, and there is nothing else that less than could mean there. Perhaps it was precisely so that people *could* write stuff like this. What's more, if we look at it, what we see is [value] [=] ["<!--#echo var="] [HTTP_REFERER] ["-->"] which would not be syntactically legal XHTML even if XML *did* allow less than signs inside attribute values, because it would be two attribute bindings, one of them missing an equal sign. Would it be possible to change this to value='<!--#echo var="#HTTP_REFERER"-->' where the quotation marks are different?
Received on Thursday, 24 August 2000 23:20:11 UTC