- From: <bugzilla@jessica.w3.org>
- Date: Fri, 04 Mar 2011 02:46:18 +0000
- To: public-html@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=12235 Summary: Make <xmp> conforming Product: HTML WG Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: HTML5 spec (editor: Ian Hickson) AssignedTo: ian@hixie.ch ReportedBy: Simetrical+w3cbug@gmail.com QAContact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-wg-issue-tracking@w3.org, public-html@w3.org The HTML parser supports <xmp> to suppress parsing of content. This would be really useful when writing up sample HTML markup by hand, like in specs. I hate having to write <b>Foo</b> and so on, I always do it really slowly and make mistakes. <xmp> should be added as having identical semantics to <pre>, but with special parsing behavior. Obviously, it wouldn't work the same in XML, just like <script> and so on. The obvious issue with <xmp> is authors might use it to automatically wrap user input, which stops inadvertent XSS but won't protect against a malicious attack. But it's a pretty obscure element, and I don't expect making it valid will make it so much more popular that authors will create many extra XSS vulnerabilities because of it. -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
Received on Friday, 4 March 2011 02:46:20 UTC