This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
"In the HTML syntax, authors need only remember to use U+0022 QUOTATION MARK characters (") to wrap the attribute contents and then to escape all U+0022 QUOTATION MARK (") and U+0026 AMPERSAND (&) characters, and to specify the sandbox attribute, to ensure safe embedding of content." It would be great if the example would also include a case of a URI contained in an href attribute, containing an ampersand (double escaping may be needed). "Due to restrictions of the XML syntax, in XML a number of other characters need to be escaped also to ensure correctness." Why not tell the reader which? (anything except less-than?) (Note that this comment does not imply that I think @srcdoc should stay in the spec; but if it stays the examples should be improved)
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are satisfied with this response, please change the state of this bug to CLOSED. If you have additional information and would like the editor to reconsider, please reopen this bug. If you would like to escalate the issue to the full HTML Working Group, please add the TrackerRequest keyword to this bug, and suggest title and text for the tracker issue; or you may create a tracker issue yourself, if you are able to do so. For more details, see this document: http://dev.w3.org/html5/decision-policy/decision-policy.html Status: Partially Accepted Change Description: see diff given below Rationale: Agreed with the first part (tweaked an example to show this). Regarding the second: The reason the spec doesn't say exactly what needs to be done for compatibility with XML is that I don't want to get it wrong and have people accuse me of trying to violate XML. This is the kind of thing where I'm bound to forget something or other e.g., that you have to escape half-surrogates in some special way or some other equally complicated and frankly uninteresting case that XML already defines quite adequately.
checkin was r3754.
The WG will review the text. If you don't know what exactly to put in, just follow up on the mailing list.
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are satisfied with this response, please change the state of this bug to CLOSED. If you have additional information and would like the editor to reconsider, please reopen this bug. If you would like to escalate the issue to the full HTML Working Group, please add the TrackerRequest keyword to this bug, and suggest title and text for the tracker issue; or you may create a tracker issue yourself, if you are able to do so. For more details, see this document: http://dev.w3.org/html5/decision-policy/decision-policy.html Status: Rejected Change Description: no spec change Rationale: I have no interest in playing wack-a-mole with redundant text that just duplicates the XML spec.
Raised as http://www.w3.org/html/wg/tracker/issues/103
http://lists.w3.org/Archives/Public/public-html/2010Oct/0168.html
Specifically, if I'm not mistaken, the request is to change: "Note: Due to restrictions of the XML syntax, in XML a number of other characters need to be escaped also to ensure correctness." by: "Note: Due to restrictions of the XML syntax, in XML the U+003C LESS-THAN SIGN (<) needs be escaped as well. Also, XML's whitespace characters -- U+0009 CHARACTER TABULATION (HT), U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR) and U+0020 SPACE -- need to be escaped in order to prevent attribute-value normalization ([XML], Section 3.3.3)." (I presume I can make editorial fixes to this such as using "" instead of "--" and using the spec's house style for references to characters.)
Checked in as WHATWG revision r5627. Check-in comment: Apply WG decision http://html5.org/tools/web-apps-tracker?from=5626&to=5627