- From: <ronan@roasp.com>
- Date: Thu, 25 Nov 2004 08:54:51 -0500 (EST)
- To: www-svg@w3.org
Bjorern wrote: > > * Ronan Oger wrote: >>However, something that you need to keep in mind is than XML is much >> stricter >>than SGML. While in SGML the above <script>code</script> is all you need >> for >>executability, in XML you need CDATA tags which clearly define the script >>chunk. > > Sorry but you do not need CDATA sections, they are only syntax sugar so > you can write > > <script><![CDATA[ if (a && b) ... ]]></script> > > rather than > > <script> if (a && b) ... </script> > > and again, XML is not stricter than SGML in a sense that would seem > relevant here. Where did you get this from? Apoligies. My ignorance has shone through. I checked on asv and verified you are correct. Apologies again for the FUD in this respect. > >>Ann added security is the DTD and Schema definitions which prevent >>script content from appearing at arbitrary locations without clear >>delimiters. With a reasonable parser, it is impossible to send your above >>content invisibly. Either it will be detected as script or it will be >>detected as invalid XML and rejected. > > Again, there is nothing non-conforming about my example, the <a> element > may have <script> content and text content and "+ADw-script+AD4...script > code...+ADw-/script+AD4" is legal in both UTF-7 and UTF-8. Why do you > think there is any error in my example? It is my understanding that cdata is only allowed in a <text> field in SVG, and that outside of a text field, it violates the DTD (and presumably the schema). Is that wrong? > >
Received on Thursday, 25 November 2004 13:54:55 UTC