Re: Comments in markup?

On Mon, 29 Jul 1996, Albert Lunde wrote:

> At 6:22 PM 7/29/96, Foteos Macrides wrote:
> >	So isn't it in fact true that the ONLY way to include script
> >code "100%" safely in an HTML document instance is as an encoded (hex
> >or BASE64) attribute value?
> While this has some merit, it may run into another set of problems due to
> SGML or implementation limits on the size of attribute values.
> (Some options, including this and the CDATA marked sections may also be
> unpopular as being hard to type and/or not enough like the popular flavors
> of script/tag soup.)

I would say this has a lot of merit - further, it would be perfectly
possible to invent some form of server-side storage which is _not_ valid
SGML or HTML, but which _is_ usable as a script delimiter, eg:

<SCRIPT><!-- script started there -->
/* this is now a script - the delimiters are <SCRIPT>...</SCRIPT>, but
   could easily be say [[[ ... ]]] within <SCRIPT>...</SCRIPT> */
<!-- script stopped here -->

This is readable and not too tricky to do. Then you write a parser (or,
under Apache, an internal module) to parse .phtml, or whatever you might
want to call it, into BASE64 encoding for an attribute. Better yet, the
httpd could be configured to use a temporary pseudodirectory, say
/scripts/, which needn't even exist except virtually, in which it
temporarily puts the script file, and then references using <SCRIPT

This could be done completely transparently to the user - the HTML spec
gets cleaned up, but users don't actually have to think about it unless
they really want to. Since I doubt very much that most users will want to
take the time for a two-line script to move it into a separate file, or
encode it, or whatever, this seems to me to be an acceptable (if barely)
way round.

So, what have I forgotten? :-)


  James Aylett - Crystal Services ( BBS, Ftp and Web
     Clare College, Cambridge, CB2 1TL -- -- (0976) 212023

Received on Tuesday, 30 July 1996 06:11:19 UTC