- From: Jamie Lokier <jamie@shareable.org>
- Date: Fri, 4 Jul 2008 14:18:35 +0100
- To: Mark Baker <distobj@acm.org>
- Cc: John Kemp <john@jkemp.net>, Sam Ruby <rubys@us.ibm.com>, Daniel Stenberg <daniel@haxx.se>, HTTP Working Group <ietf-http-wg@w3.org>, public-html@w3.org, public-html-request@w3.org
Mark Baker wrote: > >>>> http://feedvalidator.org/testcases/atom/1.1/brief-noerror.xml > > > >> The content-type is reported (via 'View Page Info') in my Firefox 2 as > >> application/xhtml+xml. However, the page is rendered as if it were an > >> ATOM feed (which usually has the content-type application/atom+xml IIRC) > >> rather than as if it were XHTML. > > > > That's because the MIME-type dispatch of the application/xhtml+xml > > type triggers XML processing by namespace-based dispatch. > > Not if you're going by the spec! I ensured that the old HTML WG > stayed well clear of that issue, which is why it isn't mentioned in > RFC 3236. RFC 3023 also explicitly warns against assuming it. Ok, it's not mentioned, not assumed etc. > Not that it's that big a deal, because there's definitely utility in > such an interpretation of a mixed namespace document. If you put well-known namespaces into an XHTML document, imho it's pretty much asking the browser to render those components of the document as it sees fit. Why _else_ would you do that? I agree there's potential security issues with that, if the "rendering" invokes active behaviour which is unexpected, or which hides information or presents it misleadingly. But i think you can reasonably argue that displaying Atom XML the way Firefox does is nothing more than styling. Styling is acceptable, and it's also very clear in this instance. That is one thing Content-Type doesn't handle well. Imagine an XHTML document which contains XHTML, some MathML (somewhere in the second paragraph), some SVG (inline picture over there), some VRML (same), a little bit of Atom (in a sidebar). There is no Content-Type which says "this document should be presented as a composition of these types", unless you consider the XML types to mean that. > There's just a loss of flexibility and visibility (and therefore > security) in using embedded metadata like a namespace, rather than > external metadata such as a media type. I'm not sure I agree with this. Any time you might look at external metadata, if that metadata says "this document contains mixed types" than you'll proceed to look into the document - or classify it as too complex to classify for security/visibility purposes. XHTML even provides strict parsing rules to make sure that's reliable :-) -- Jamie
Received on Friday, 4 July 2008 13:19:19 UTC