[whatwg] Stability of tokenizing/dom algorithms

On Mon, 15 Dec 2008, Edward Z. Yang wrote:
> Ian Hickson wrote:
> > In general you should be able to just implement what the spec says and 
> > then either leave the HTML5 support in (it's unlikely to cause any harm) 
> > or just comment out the support for the new elements, that should be 
> > relatively easy.
> 
> Right, this is mostly what I intended to do. But from what I can tell, 
> there's a difference between the design philosophies of HTML 5 and XHTML 
> 2.0; XHTML tries to make everything "extensible" and able to be imported 
> from other places, while HTML 5 attempts to document what exists, and 
> then make sensible additions as necessary. HTML 5 pragmatism makes sense 
> for a user-agent, but the XHTML extensibility is useful for a sanitizer, 
> which doesn't actually have to render anything and needs to support 
> multiple dialects and variants.

Extensibility certainly isn't a priority for HTML5 in text/html, at least 
not compared to compatibility, indeed.

I don't really see why a sanitiser needs extensibility though. Could you 
elaborate on this? Surely you just want to filter anything that isn't 
valid or safe, and only leave the valid safe stuff, using a whitelist.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Monday, 15 December 2008 13:02:17 UTC