- From: Noah Mendelsohn <nrm@arcanedomain.com>
- Date: Mon, 17 Jan 2011 20:48:29 -0500
- To: John Cowan <cowan@mercury.ccil.org>
- CC: Norman Walsh <ndw@nwalsh.com>, public-html-xml@w3.org
On 1/17/2011 4:24 PM, John Cowan wrote:
> Despite
> the code/data duality of XML (and Lisp), we typically know whether a given
> piece of text is code or data.
Really? Consider:
<script type="application/xml">
<newlang:program xmlns:newlang="...URI for the language...">
...program in XML syntax goes here...
...this should execute, just as javascript does...
</newlang:program>
</script>
vs.
<script type="application/xml">
<data:items xmlns:data="...URI for the data model...">
...please don't even try to execute data...
</data:items>
</script>
How in general does a browser know whether something is >intended< as code
or data, if we authorize use of <script> for both?
AFAIK today, there is a risk that my browser won't support the language
used for the script, but there's no ambiguity that there >is< an executable
script, and that the intention is that it be run. Once <script> gets
overloaded for data, you lose that distinction.
As I proposed on the phone, something like:
<script type="application/xml" norun="true">
<data:items xmlns:data="...URI for the data model...">
...please don't even try to execute data...
</data:items>
</script>
is crufty, but at least it disambiguates the cases.
Noah
Received on Tuesday, 18 January 2011 01:48:58 UTC