- From: Addison Phillips via GitHub <sysbot+gh@w3.org>
- Date: Thu, 10 Mar 2022 18:35:26 +0000
- To: public-css-archive@w3.org
Property names are used in CSS "code" and have to be be parsed, matched, and otherwise referenced. Abusive names can cause spoofing problems (even though the underlying code point sequence is still just some integers and the parser may not care). For example, is `--\0301` a variable reference? Or an error? (using `U+0301 COMBINING ACUTE ACCENT` as an example of a combining mark at the start of a name) Property values are data and can include natural language text (as well as, well, any character data, including junk). While the value space might be limited by applications in different ways, there don't appear to be any requirements to do so here. In fact, your Spec goes out of its way to highlight this fact: > Because custom properties can contain anything, there is no general way to know how to interpret what’s inside of them (until they’re substituted into a known property with [var()](https://www.w3.org/TR/css-variables-1/#funcdef-var)). Rather than have them partially resolve in some cases but not others, they’re left completely unresolved; they’re a bare stream of [CSS tokens](https://www.w3.org/TR/css-syntax-3/#tokenization) interspersed with var() functions. -- GitHub Notification of comment by aphillips Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/7129#issuecomment-1064371578 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 10 March 2022 18:35:28 UTC