ISSUE-381: [survey needed] Make hz-gb-2312 a label of the replacement encoding
[survey needed] Make hz-gb-2312 a label of the replacement encoding
- State:
- CLOSED
- Product:
- encoding
- Raised by:
- Addison Phillips
- Opened on:
- 2014-07-10
- Description:
- https://www.w3.org/Bugs/Public/show_bug.cgi?id=25339
This issue tracks the bug listed above and was created as part of the WG LC process. The bug was created prior to the WG LC.
---
HZ is an exceptionally dangerous encoding, because its escape sequence consists of printable ASCII characters. See https://www.w3.org/Bugs/Public/show_bug.cgi?id=20886#c3 .
In Firefox 28, I constrained the inheritance of HZ, removed it from the UI so that it can't be chosen manually and added telemetry for counting sessions in which the HZ decoder has been instantiated.
Sessions in which the HZ decoder has been instantiated are very rare: such a session occurs less often than once in a million sessions. http://telemetry.mozilla.org/#release/28/DECODER_INSTANTIATED_HZ/saved_session/Firefox
This suggests that the utility of HZ is so small that it should be regarded mainly as an XSS attack vector and be mapped the replacement encoding.
I'd be interested in hearing the perspective of developers of other browsers, Chrome especially, since Chrome has resisted the addition of useless or merely marginally useful encodings. - Related Actions Items:
- No related actions
- Related emails:
- I18N-ISSUE-381 (BUG25339): [survey needed] Make hz-gb-2312 a label of the replacement encoding [encoding] (from sysbot+tracker@w3.org on 2014-07-10)
Related notes:
These issues are now tracked at http://www.w3.org/International/docs/encoding/encoding-cr-doc
Richard Ishida, 16 Sep 2015, 11:59:12
Display change log
