W3C home > Mailing lists > Public > whatwg@whatwg.org > June 2010

[whatwg] Allowing ">" in attribute values

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Thu, 24 Jun 2010 09:01:55 -0700
Message-ID: <AANLkTilJYhS8nheyxqsNCTWhZQFRwNMN-YIRAbiYpI3-@mail.gmail.com>
On Thu, Jun 24, 2010 at 8:20 AM, Benjamin M. Schwartz
<bmschwar at fas.harvard.edu> wrote:
> On 06/24/2010 11:04 AM, Kornel Lesinski wrote:
>> If you mean "parsing" with regular expressions, then I think that's a bad practice and shouldn't be encouraged.
>
> Worldwide, regarding HTML, I'm sure there is 100 times more regular
> expression processing code than full-on lexing code. ?Most code that
> processes HTML is embedded in scripts, doing some small special-purpose
> operation. ?Those regular expressions aren't going away. ?Helping them
> break less is a noble cause.

Actually, if we could make regex-based "parsing" break more, it would
probably be a net positive for the world.  Regexes are the source of
so many holes in "validation"-type scripts.

In any case, XML doesn't require > to be escaped in attribute values,
and HTML doesn't appear to either.  In practice, > is used in
attribute values, so declaring it verboten wouldn't be helpful.

~TJ
Received on Thursday, 24 June 2010 09:01:55 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:24 UTC