W3C home > Mailing lists > Public > whatwg@whatwg.org > February 2013

Re: [whatwg] XML data islands related question

From: Jukka K. Korpela <jkorpela@cs.tut.fi>
Date: Thu, 07 Feb 2013 20:03:07 +0200
Message-ID: <5113EC5B.8050500@cs.tut.fi>
To: whatwg@lists.whatwg.org
2013-02-07 17:55, Randy wrote:

> As far as I'm aware, Data Blocks should be or is part of HTML5.  See
 > https://developer.mozilla.org/en/docs/Using_XML_Data_Islands_in_Mozilla
 > for more info.

It's a somewhat similar concept, but it's about embedded data in 
general, not specifically XML data. Moreover, the <xml> element (which 
was, as far as I can see, implemented only in IE versions 5 and 6) was 
specifically for XML data, implying the idea that the browser parses the 
XML data and makes it available in a certain way that you could use with 
HTML attributes.

Although <xml> had its merits, it seems to be water under the bridge 
now, not supported even by modern versions of IE (though they seem to 
have an excuse for a surrogate for broken support: <xml>foobar</xml> 
gets ignored, whereas other browsers ignore just the tags and render 
foobar).

The current WHATWG HTML document, as well as the W3C HTML5 CR, defines 
<script> really as a multi-purpose element:
"The script element allows authors to include dynamic script and data 
blocks in their documents."
http://www.whatwg.org/specs/web-apps/current-work/multipage/scripting-1.html#the-script-element

So the name is really a misnomer, though it reflects the most common use 
of the element. The content can be plain text, XML text, or text in any 
format, as long as you take care of parsing it. In practice, if the type 
attribute is set to any value except one of the strings interpreted as 
referring to JavaScript, the content is taken just as a block of text 
data, made available to client-side scripting but otherwise ignored.

However, browsers do not seem to support using a src attribute then; the 
non-script data must be inline, as element content, not fetched from an 
external source. I suppose the usual suspects (security considerations) 
are to be blaimed. This however means that the technique is not 
comparable to <xml>, which allowed external references.

It might be useful to mention explicitly in the spec that browsers do 
not generally allow non-script to be specified via the src attribute. 
And perhaps the spec should say that this is implementation-dependent 
and recommend that such references should be allowed, with due security 
considerations.

It's a bit odd that if you wish to set up a standalone application 
running in a browser (often called "HTML5 application", without implying 
any particular version of HTML5), you can include e.g. scripts and 
images in separate files but not plain text or XML data

Yucca
Received on Thursday, 7 February 2013 18:03:34 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:19 UTC