On Thu, Oct 29, 2009 at 2:52 PM, Matt Amos <[email protected]> wrote: > sort of. the "spec" is just that the API talks XML, and we aim not to > have any restrictions beyond that. so anything that's a valid XML > character (http://www.w3.org/TR/REC-xml/#charsets) should be allowed > in OSM.
[snip] > yes, we should probably add a rails validation to stop people using > those chars in their username (who needs a tab in their username > anyway?) I think I'm misreading something :). How are these statements not contradictory? > the code, which is a bit opaque: > > delete "\000-\037", "^\011\012\015" > > says that it'll delete any char in the range 0-37 (octal), but not 11, > 12 or 15. in ascii this corresponds to anything "less than" a space, > but not tab, newline or carriage return. it should be (modulo bugs) > the same as the XML valid character productions. Ah! Okay, I definitely misread that. >> It would be a good idea to release an official spec on exactly what >> characters are allowed in keys, values, and usernames. Just >> disallowing control characters (decimal value less than 32) altogether >> would probably be the best. But if the decision is made to allow >> them, fine, they need to be handled properly. > > that's a good idea. i'll stick something up on the wiki - for > reference i think the current "spec" is the XML valid character > productions, although i can't think of any particular reason to keep > \t, \n or \r: > > Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | > [#x10000-#x10FFFF] > > http://www.w3.org/TR/REC-xml/#NT-Char Sounds good. At least for keys and values. Usernames (but not keys and values) also disallow [\/;.,?], right? _______________________________________________ dev mailing list [email protected] http://lists.openstreetmap.org/listinfo/dev
