- From: Foteos Macrides <MACRIDES@SCI.WFBR.EDU>
- Date: Mon, 29 Jul 1996 18:22:15 -0500 (EST)
- To: www-html@w3.org
murray@spyglass.com (Murray Altheim) wrote: >[...] >Comments are only allowed in declarations. And the only declarations within >HTML document instances you'll find are comment declarations -- all the >rest is considered markup. You'll note that you can't put <!ENTITY ..> >declarations within the document instance either. Could you elaborate on these issues in relation to marked sections and the scripting issue? <!-- is OK in a document instance, and ultimately should end with a --> or --white> but can't reliably hide a script which might contain -- as a decrementer, or --, -->, etc., as strings in script statments. <SCRIPT ...>...</SCRIPT> is almost OK with "add hoc" parsers that just look for the end tag, but those still could get tripped up if </SCRIPT> were in a script statement and not really the end tag, and it seems basically to have the same problem for real SMGL parses as do PLAINTEXT and XMP. <![[ also has the problem that a script statement might include what looks like it's terminator. So isn't it in fact true that the ONLY way to include script code "100%" safely in an HTML document instance is as an encoded (hex or BASE64) attribute value? Fote ========================================================================= Foteos Macrides Worcester Foundation for Biomedical Research MACRIDES@SCI.WFBR.EDU 222 Maple Avenue, Shrewsbury, MA 01545 =========================================================================
Received on Monday, 29 July 1996 18:22:55 UTC