Re: unicode escapes in prefix names

* Andy Seaborne <andy.seaborne@epimorphics.com> [2011-11-23 14:58+0000]
> 
> 
> On 23/11/11 14:50, Éric Prud'hommeaux wrote:
> >* Richard Cyganiak<richard@cyganiak.de>  [2011-11-23 13:36+0000]
> >>On 23 Nov 2011, at 01:20, Gavin Carothers wrote:
> >>>>I would argue that SPARQL is changing to avoid a security risk in SPARQL Update:
> >>>>http://lists.w3.org/Archives/Public/public-rdf-dawg-comments/2011Aug/0010.html
> >>>
> >>>Obfuscated comments are not really a security risk.
> >>
> >>The problem is obfuscated DELETE statements, not obfuscated comments.
> >
> >I believe this whitepaper describes the security risk http://xkcd.com/327/
> 
> :-) although it's blue-grey on my screen.
> 
> SPARQL Query and SPARQL Update are separate languages.  This is
> different to SQL.
> 
> >The point is that in SPARQL 1.0, the grammar never "sees" xxx:Éire. You can sprinkle them where you like, but they are only useful for folks who are editing unicode in ascii, which is a small and shrinking use case.
> 
> The grammar never "sees" xxx:\u00C9ire

confirming Andy's correction to my typo
tx.

> The grammar accepts (as does Turtle) xxx:Éire
> 
>  Andy
> 

-- 
-ericP

Received on Wednesday, 23 November 2011 15:17:50 UTC