- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Thu, 25 Nov 2004 12:49:12 +0100
- To: ronan@roasp.com
- Cc: www-svg@w3.org
* Ronan Oger wrote: >However, something that you need to keep in mind is than XML is much stricter >than SGML. While in SGML the above <script>code</script> is all you need for >executability, in XML you need CDATA tags which clearly define the script >chunk. Sorry but you do not need CDATA sections, they are only syntax sugar so you can write <script><![CDATA[ if (a && b) ... ]]></script> rather than <script> if (a && b) ... </script> and again, XML is not stricter than SGML in a sense that would seem relevant here. Where did you get this from? >Ann added security is the DTD and Schema definitions which prevent >script content from appearing at arbitrary locations without clear >delimiters. With a reasonable parser, it is impossible to send your above >content invisibly. Either it will be detected as script or it will be >detected as invalid XML and rejected. Again, there is nothing non-conforming about my example, the <a> element may have <script> content and text content and "+ADw-script+AD4...script code...+ADw-/script+AD4" is legal in both UTF-7 and UTF-8. Why do you think there is any error in my example?
Received on Thursday, 25 November 2004 11:49:42 UTC