5770 2008-06-18 18:08:18 +0000 Unescaped input (URI, selector) causes ill-formed SOAP output 2012-09-21 14:34:34 +0000 1 1 1 Unclassified CSSValidator CSS 2.1 CSS Validator All All RESOLVED FIXED http://jigsaw.w3.org/css-validator P1 major --- 1 w3c dave.null caribou ot www-validator-cvs oldest_to_newest 20584 0 558 w3c 2008-06-18 18:08:18 +0000 Created attachment 558 SOAP output for this error. When validating CSS what includes URL’s with ampersands in them, the responses do not return valid XML (or XHTML). This is because the ampersands are carried through to the output without being encoded. Example Input (typed into the TextArea or set as text in POST): .google { background-image: url(http://www.google.com/logo.jpg?is=evil&but=we_love_them_anyway); } Location of Error in SOAP output: /env:Envelope/env:Body/m:cssvalidationresponse/m:result/m:css/m:noAtRule/m:selector/m:RuleList/m:Rule/m:PropertyValue If XML encoding is too much trouble, you might consider adding CDATA blocks around the contents of this field. 20585 1 w3c 2008-06-18 18:34:21 +0000 This bug also happens with ">" characters in selectors, although my XML parser handles this so I am not sure if this is as severe as the above bug. Input: .google > .yahoo { color: red; } Some of the problem Areas: /env:Envelope/env:Body/m:cssvalidationresponse/m:result/m:warnings/m:warninglist/m:warning/m:context /env:Envelope/env:Body/m:cssvalidationresponse/m:result/m:css/m:noAtRule/m:selector/m:selectorValue 20586 2 559 w3c 2008-06-18 18:35:34 +0000 Created attachment 559 Output from using a ">" in a selector 23213 3 619 ot 2009-01-21 20:58:54 +0000 Created attachment 619 test case as standalone css file 23938 4 ylafon 2009-02-25 20:50:05 +0000 Fixed by adding new function to generate escaped versions. the XHTML and SOAP1.2 templates are now using those functions. See http://qa-dev.w3.org:8001/css-validator/ 558 2008-06-18 18:08:18 +0000 2008-06-18 18:08:18 +0000 SOAP output for this error. output.xml text/xml 1766 w3c PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0idXRmLTgiPz4KPGVudjpFbnZlbG9wZSB4bWxu czplbnY9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSI+CiAgICA8ZW52 OkJvZHk+CiAgICAgICAgPG06Y3NzdmFsaWRhdGlvbnJlc3BvbnNlCiAgICAgICAgICAgIGVudjpl bmNvZGluZ1N0eWxlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW5jb2RpbmciCiAg ICAgICAgICAgIHhtbG5zOm09Imh0dHA6Ly93d3cudzMub3JnLzIwMDUvMDcvY3NzLXZhbGlkYXRv ciI+CiAgICAgICAgICAgIDxtOnVyaT5maWxlOi8vbG9jYWxob3N0L1RleHRBcmVhPC9tOnVyaT4K ICAgICAgICAgICAgPG06Y2hlY2tlZGJ5Pmh0dHA6Ly9qaWdzYXcudzMub3JnL2Nzcy12YWxpZGF0 b3IvPC9tOmNoZWNrZWRieT4KICAgICAgICAgICAgPG06Y3NzbGV2ZWw+Y3NzMjE8L206Y3NzbGV2 ZWw+CiAgICAgICAgICAgIDxtOmRhdGU+MjAwOC0wNi0xOFQwNjo1MzZaPC9tOmRhdGU+CiAgICAg ICAgICAgIDxtOnZhbGlkaXR5PnRydWU8L206dmFsaWRpdHk+CiAgICAgICAgICAgIDxtOnJlc3Vs dD4KICAgICAgICAgICAgICAgIDxtOmVycm9ycyB4bWw6bGFuZz0iZW4iPgogICAgICAgICAgICAg ICAgICAgIDxtOmVycm9yY291bnQ+MDwvbTplcnJvcmNvdW50PgogICAgCiAgICAgICAgICAgICAg ICA8L206ZXJyb3JzPgogICAgICAgICAgICAgICAgPG06d2FybmluZ3MgeG1sOmxhbmc9ImVuIj4K ICAgICAgICAgICAgICAgICAgICA8bTp3YXJuaW5nY291bnQ+MDwvbTp3YXJuaW5nY291bnQ+Cgog ICAgICAgICAgICAgICAgPC9tOndhcm5pbmdzPgogICAgICAgICAgICAgICAgPG06Y3NzPgogICAg CiAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDxtOm5vQXRSdWxlPgogICAgICAgICAg ICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTpzZWxlY3Rvcj4KICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICA8bTpzZWxlY3RvclZhbHVlPi5nb29nbGU8L206c2VsZWN0 b3JWYWx1ZT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTpSdWxlTGlzdD4KICAg ICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxtOlJ1bGU+CiAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTpQcm9wZXJ0eT5iYWNrZ3Jv dW5kLWltYWdlPC9tOlByb3BlcnR5PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgPG06UHJvcGVydHlWYWx1ZT51cmwoaHR0cDovL3d3dy5nb29nbGUuY29tL2xvZ28uanBn P2lzPWV2aWwmYnV0PXdlX2xvdmVfdGhlbV9hbnl3YXkpPC9tOlByb3BlcnR5VmFsdWU+CiAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTppbXBvcnRhbnQ+IGZhbHNlIDwv bTppbXBvcnRhbnQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbTpSdWxl PgogICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L206UnVsZUxp c3Q+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L206c2VsZWN0b3I+CiAgICAgICAgICAg ICAgICAKICAgICAgICAgICAgICAgICAgICA8L206bm9BdFJ1bGU+CiAgICAgICAgICAgIAogICAg ICAgICAgICAgICAgPC9tOmNzcz4KICAgICAgICAgICAgPC9tOnJlc3VsdD4KICAgICAgICA8L206 Y3NzdmFsaWRhdGlvbnJlc3BvbnNlPgogICAgPC9lbnY6Qm9keT4KPC9lbnY6RW52ZWxvcGU+Cgo= 559 2008-06-18 18:35:34 +0000 2008-06-18 18:35:34 +0000 Output from using a ">" in a selector output-2.xml text/xml 2399 w3c PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0idXRmLTgiPz4KPGVudjpFbnZlbG9wZSB4bWxu czplbnY9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSI+CiAgICA8ZW52 OkJvZHk+CiAgICAgICAgPG06Y3NzdmFsaWRhdGlvbnJlc3BvbnNlCiAgICAgICAgICAgIGVudjpl bmNvZGluZ1N0eWxlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW5jb2RpbmciCiAg ICAgICAgICAgIHhtbG5zOm09Imh0dHA6Ly93d3cudzMub3JnLzIwMDUvMDcvY3NzLXZhbGlkYXRv ciI+CiAgICAgICAgICAgIDxtOnVyaT5maWxlOi8vbG9jYWxob3N0L1RleHRBcmVhPC9tOnVyaT4K ICAgICAgICAgICAgPG06Y2hlY2tlZGJ5Pmh0dHA6Ly9qaWdzYXcudzMub3JnL2Nzcy12YWxpZGF0 b3IvPC9tOmNoZWNrZWRieT4KICAgICAgICAgICAgPG06Y3NzbGV2ZWw+Y3NzMjE8L206Y3NzbGV2 ZWw+CiAgICAgICAgICAgIDxtOmRhdGU+MjAwOC0wNi0xOFQwNjoyODI5WjwvbTpkYXRlPgogICAg ICAgICAgICA8bTp2YWxpZGl0eT50cnVlPC9tOnZhbGlkaXR5PgogICAgICAgICAgICA8bTpyZXN1 bHQ+CiAgICAgICAgICAgICAgICA8bTplcnJvcnMgeG1sOmxhbmc9ImVuIj4KICAgICAgICAgICAg ICAgICAgICA8bTplcnJvcmNvdW50PjA8L206ZXJyb3Jjb3VudD4KICAgIAogICAgICAgICAgICAg ICAgPC9tOmVycm9ycz4KICAgICAgICAgICAgICAgIDxtOndhcm5pbmdzIHhtbDpsYW5nPSJlbiI+ CiAgICAgICAgICAgICAgICAgICAgPG06d2FybmluZ2NvdW50PjE8L206d2FybmluZ2NvdW50Pgog ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICA8 bTp3YXJuaW5nbGlzdD4KICAgICAgICAgICAgICAgICAgICAgICAgPG06dXJpPmZpbGU6Ly9sb2Nh bGhvc3QvVGV4dEFyZWE8L206dXJpPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAKICAgICAgICAgICAgICAgICAgICAgICAgPG06d2FybmluZz4KICAgICAgICAgICAgICAgICAg ICAgICAgICAgIDxtOmxpbmU+MzwvbTpsaW5lPgogICAgICAgICAgICAgICAgICAgICAgICAgICAg PG06bGV2ZWw+MjwvbTpsZXZlbD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxtOm1lc3Nh Z2U+WW91IGhhdmUgbm8gYmFja2dyb3VuZC1jb2xvciBzZXQgKG9yIGJhY2tncm91bmQtY29sb3Ig aXMgc2V0IHRvIHRyYW5zcGFyZW50KSBidXQgeW91IGhhdmUgc2V0IGEgY29sb3IuIE1ha2Ugc3Vy ZSB0aGF0IGNhc2NhZGluZyBvZiBjb2xvcnMga2VlcHMgdGhlIHRleHQgcmVhc29uYWJseSBsZWdp YmxlLjwvbTptZXNzYWdlPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPG06Y29udGV4dD4u Z29vZ2xlID4gLnlhaG9vPC9tOmNvbnRleHQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvbTp3 YXJuaW5nPgogICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDwvbTp3YXJu aW5nbGlzdD4KICAgIAogICAgICAgICAgICAgICAgPC9tOndhcm5pbmdzPgogICAgICAgICAgICAg ICAgPG06Y3NzPgogICAgCiAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDxtOm5vQXRS dWxlPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTpzZWxl Y3Rvcj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTpzZWxlY3RvclZhbHVlPi5n b29nbGUgPiAueWFob288L206c2VsZWN0b3JWYWx1ZT4KICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICA8bTpSdWxlTGlzdD4KICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIDxtOlJ1bGU+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICA8bTpQcm9wZXJ0eT5jb2xvcjwvbTpQcm9wZXJ0eT4KICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgIDxtOlByb3BlcnR5VmFsdWU+cmVkPC9tOlByb3BlcnR5VmFsdWU+ CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8bTppbXBvcnRhbnQ+IGZh bHNlIDwvbTppbXBvcnRhbnQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwv bTpSdWxlPgogICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L206 UnVsZUxpc3Q+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L206c2VsZWN0b3I+CiAgICAg ICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICA8L206bm9BdFJ1bGU+CiAgICAgICAgICAg IAogICAgICAgICAgICAgICAgPC9tOmNzcz4KICAgICAgICAgICAgPC9tOnJlc3VsdD4KICAgICAg ICA8L206Y3NzdmFsaWRhdGlvbnJlc3BvbnNlPgogICAgPC9lbnY6Qm9keT4KPC9lbnY6RW52ZWxv cGU+Cgo= 619 2009-01-21 20:58:54 +0000 2009-01-21 20:58:54 +0000 test case as standalone css file testcase.css text/css 106 ot Lmdvb2dsZQp7CiAgICAgICBiYWNrZ3JvdW5kLWltYWdlOgp1cmwoaHR0cDovL3d3dy5nb29nbGUu Y29tL2xvZ28uanBnP2lzPWV2aWwmYnV0PXdlX2xvdmVfdGhlbV9hbnl3YXkpOwp9Cg==