W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2008

[whatwg] Stability of tokenizing/dom algorithms

From: Edward Z. Yang <edwardzyang@thewritingpot.com>
Date: Mon, 15 Dec 2008 16:06:16 -0500
Message-ID: <4946C6C8.6040207@thewritingpot.com>
Ian Hickson wrote:
> I don't really see why a sanitiser needs extensibility though. Could you 
> elaborate on this? Surely you just want to filter anything that isn't 
> valid or safe, and only leave the valid safe stuff, using a whitelist.

In theory, I could write separate sanitizers for HTML 4, XHTML 1.0,
XHTML 2.0, HTML 5, etc. In practice, I want to reuse as much code as
possible between these cases, since I'm a lazy developer. Perhaps
"extensibility" is not the right word here; it's more like "reusability"
of components.

A side-note: something we've been looking into is bolting on extensions
to the HTML language. A user might write something in HTML 5, but the
website is in HTML 4, so the sanitizer converts the HTML 5 into a more
ugly but functional HTML 4 version, and returns that. The future, today!

Cheers,
Edward
Received on Monday, 15 December 2008 13:06:16 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:46 UTC