Re: unicode escapes in prefix names

On 23/11/11 14:50, Éric Prud'hommeaux wrote:
> * Richard Cyganiak<richard@cyganiak.de>  [2011-11-23 13:36+0000]
>> On 23 Nov 2011, at 01:20, Gavin Carothers wrote:
>>>> I would argue that SPARQL is changing to avoid a security risk in SPARQL Update:
>>>> http://lists.w3.org/Archives/Public/public-rdf-dawg-comments/2011Aug/0010.html
>>>
>>> Obfuscated comments are not really a security risk.
>>
>> The problem is obfuscated DELETE statements, not obfuscated comments.
>
> I believe this whitepaper describes the security risk http://xkcd.com/327/

:-) although it's blue-grey on my screen.

SPARQL Query and SPARQL Update are separate languages.  This is 
different to SQL.

> The point is that in SPARQL 1.0, the grammar never "sees" xxx:Éire. You can sprinkle them where you like, but they are only useful for folks who are editing unicode in ascii, which is a small and shrinking use case.

The grammar never "sees" xxx:\u00C9ire

The grammar accepts (as does Turtle) xxx:Éire

 Andy

Received on Wednesday, 23 November 2011 14:59:22 UTC