> On Sep 19, 2017, at 5:38 PM, Byron Davies <byrondav...@starshine.us> wrote:
> Right.  My understanding increases bit by bit.
> I’m using response/xexpr, which — unlike your xexpr->html — doesn’t 
> special-case script and style tags. Funny, I had read through your txexpr 
> docs, but the special-casing of script and style didn’t jump out at me at the 
> time, and I had forgotten it by the time I needed it.

Ah yes, so it does. 

As default behavior of `response/xexpr`, that seems somewhere between iffy and 
wrong. There's a mismatch between its default mime-type of "text/html", and its 
use of `xexpr->string`, which produces XML, not the promised HTML. 

IIRC this mime-spoofing technique was used the early oughts to fool browsers 
into accepting XHTML. [1] But it's since been deprecated. [2]

[1] https://www.w3.org/MarkUp/2004/xhtml-faq#texthtml 

[2] https://hixie.ch/advocacy/xhtml <https://hixie.ch/advocacy/xhtml> (search 
for heading "Why trying to use XHTML and then sending it as text/html is bad")

You received this message because you are subscribed to the Google Groups 
"Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to racket-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to