Hi Matthias! Matthias Wimmer wrote: > Hi! > > There are several characters, that have predefined entities in XML, but > that do not need to be escaped in XML. > Examples for such characters are > ' and " in text nodes. > > E.g. due to the XML standard the following stanza would be valid XML: > > <message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]'><body>Yes, a > > b!</body></message> > > ... while RFC 3920 forbidds to generate such XML when used as XMPP.
Correct. > RFC3920bis even requires a server to check that this type of XML is not > used and that a stream error has to be generated, if it is received. We tried to clarify the error handling in rfc3920bis, and that text reflected list consensus. > So I have two questions regarding this: > > Why at all do these characters have to be escaped? I don't know. IIRC, that was text from an early version of draft-ietf-xmpp-core and I think I agree with you that it should not be necessary to escape those characters in XMPP. > I it really necessary, that RFC 3920bis mandates a server to reject such > XMPP streams? I very much dislike this requirement, as it would require > me to implement my own XML parser, as I don't know any parser I could > use, that could be configured to notice me that these characters have > been received unescaped. If we change the text regarding restricted XML features (i.e., say that the characters that don't need to be escaped in XML don't need to be escaped in XMPP), would you still object to the error handling? /psa
smime.p7s
Description: S/MIME Cryptographic Signature
