Re: Error Message Feedback from Benjamin Niemann on 2006-08-07 (www-validator@w3.org from August 2006)

From: Benjamin Niemann <pink@odahoda.de>
Date: Mon, 07 Aug 2006 21:43:15 +0200
To: www-validator@w3.org
Message-ID: <eb854l$5cs$1@sea.gmane.org>
Hello,

dave@williamz.net wrote:
> I am having a problem with validating a page on my site:
> 
> http://www.williamz.net/photography/
> 
> I am pretty sure every thing is okay, but I get loads of errors.

13 errors is not much compared to some other sites ;)

> They can 
> be traced back to 2 things;
> 
> 1. At one place, I am using JavaScript to place some HTML in the document.
> However, the validator ignores the fact that the quotes need to be escaped
> or that I am not placing HTML inside a script tag as such, but rather into
> a variable...

You are using XHTML which does not know CDATA content as HTML does. You'll
have to surround the JS code with <![CDATA[ .. ]]>, so the parser (which
indeed does not know about the JavaScript syntax and is not supposed to do)
does not try to parse the JavaScript as HTML markup. Things may get more
complicated, if you try to satisfy tag-soup browsers which do not
understand such declared sections, so it's recommended to use external
JavaScript files.

And if you would choose HTML, your JavaScript would cause validation errors
(see <http://www.htmlhelp.com/tools/validator/problems.html#script>)

> 2. The code I have written has &amp; in all links and this is what
> displays
> in view page source.  However, the validator somehow picks up an
> additional
> hidden pass through with a PHP session id.

No, these are inserted on the first response. Disable cookies in your
browser, open the document and view source. Note that PHP also generates
invalid JavaScript code:

topBar = "<a href=\"/photography/\"?PHPSESSID=5..snip..4>Photography
Home</a>&nbsp;&nbsp;|&nbsp;&nbsp;"

'?PHPSESSID...' should be before \", not after. Ask some PHP gurus, how this
could be fixed - I have no idea...

> As this is not visible under 
> view source and the code writer has no control over how php places its
> session variables in links, 

(S)he has: http://www.w3.org/QA/2005/04/php-session (did you read the
messages provided by the validator, specifically for the first warning?)

> is it right for a document to fail validation 
> on these grounds?

The term 'Valid' or 'well-formed' document have a very specific and well
defined meaning. The validator does not care why or how the rules are
broken, it just tells you if they are.

> Would advisories not be better than fails for this type of problem?

More (and more intelligent) advisories were certainly desirable. But this is
a non-trivial goal for a piece of software that cannot read the author
intentions out of his mind...


-- 
Benjamin Niemann
Email: pink at odahoda dot de
WWW: http://pink.odahoda.de/
Received on Monday, 7 August 2006 19:43:58 UTC