W3C home > Mailing lists > Public > site-comments@w3.org > October 2004

XHTML validator - possible bug

From: Roman Ali <roman.ali@ntlworld.com>
Date: Sat, 02 Oct 2004 10:57:03 -0500
To: <site-comments@w3.org>
Message-ID: <000001c4a864$5f382ed0$1fb20252@ROMANSDESKTOP>
To whom it may concern,
            My name is Roman Ali and I am a second-year undergraduate
computer science student at the University of Manchester.  I am a
technology enthusiast, and therefore happened to be browsing your
website for no particular reason other than to learn a bit more about
Web development.  Anyway, recently I had clicked on one of your “valid
XHTML” links (found at the bottom of most of your Web pages) and found
that some of these pages did not actually validate.  This seemed
somewhat ironic, and amusing, for a person such as myself, considering
the fact that the World Wide Web Consortium is considered to be the
world authority of Web development.  I let you know of this via email.
Today I clicked on one of these pages again and was pleased to see that
it did validate.  However, the results page (which says the referring
page has validated) also had a link to validate it (i.e. to validate the
result’s page).  The result’s page arising from that also had a link in
the same fashion.  This trend continued for all the results pages I
received.  It occurred to me that this could negatively affect your
systems IF you have not anticipated this in advance, and have not
pre-emptively put in measures to deal with such a situation.  You
probably have put in any necessary measures to deal with such a
situation, but I felt obliged to express my opinions just in case you
hadn’t.  I am sure you have understood what I have said, but in case I
have not been clear enough, I shall give an example below.
If I click on the “valid XHTML 1.0” link at the bottom of the page
located at: HYPERLINK "http://validator.w3.org/"http://validator.w3.org/
I receive the following results page: HYPERLINK
If I then click on the “valid XHTML 1.0” link at the bottom of the
results page I have just received, I receive another results page:
If I then click on the “valid XHTML 1.0” link at the bottom of this new
results page I have just received, I receive another results page:
..w3.org%25252F  -  and the trend continues.
In my opinion, if some malicious person, or someone who isn’t malicious
but ignorant, keeps continuing to click on the “valid XHTML 1.0” links
found on the results pages of validations he/she has carried out in an
iterative manner, the long addresses generated by such validations could
possibly negatively affect your systems and/or their browser.  This is
not a professional opinion as I am a student at the moment with limited
knowledge.  I would appreciate it very much if you would kindly let me
know whether the opinion I have expressed is true or not.  I ask for
this just so that I may increase my knowledge even further.  Thank you.
Yours faithfully
            Roman Ali.

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.771 / Virus Database: 518 - Release Date: 28/09/2004
Received on Saturday, 2 October 2004 15:57:50 UTC

This archive was generated by hypermail 2.4.0 : Monday, 18 April 2022 20:33:44 UTC