> On Sep 19, 2017, at 5:38 PM, Byron Davies <byrondav...@starshine.us> wrote: > > Right. My understanding increases bit by bit. > > I’m using response/xexpr, which — unlike your xexpr->html — doesn’t > special-case script and style tags. Funny, I had read through your txexpr > docs, but the special-casing of script and style didn’t jump out at me at the > time, and I had forgotten it by the time I needed it.
Ah yes, so it does. As default behavior of `response/xexpr`, that seems somewhere between iffy and wrong. There's a mismatch between its default mime-type of "text/html", and its use of `xexpr->string`, which produces XML, not the promised HTML. IIRC this mime-spoofing technique was used the early oughts to fool browsers into accepting XHTML. [1] But it's since been deprecated. [2] [1] https://www.w3.org/MarkUp/2004/xhtml-faq#texthtml <https://www.w3.org/MarkUp/2004/xhtml-faq#texthtml> [2] https://hixie.ch/advocacy/xhtml <https://hixie.ch/advocacy/xhtml> (search for heading "Why trying to use XHTML and then sending it as text/html is bad") -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
