My apologies. I misread your message. You are correct. Our behavior seems wrong to me too. Please file a bug.
-eric On Thu, Apr 10, 2008 at 10:20 PM, Keith Kowalczykowski <[EMAIL PROTECTED]> wrote: > Hi Eric, > > Thanks for the quick response. Based upon the way I interpret the spec, > it seems as though FF and IE are in agreement. Specifically, the spec states > that send() should "Serialize data into a namespace well-formed XML document > and encoded using the encoding given by data.xmlEncoding, if specified, or > UTF-8 otherwise." Looking at the XML spec ( > http://www.w3.org/TR/2006/REC-xml-20060816/#sec-well-formed), a well formed > document should exclude < and & from attribute and entity values. Therefore, > it seems as though FF/IE are doing the correct thing in escaping these > characters, where-as Safari is not. Maybe I'm interpreting something wrong, > though? > > I have filed a bug #18421 about the issue. What is the general processes > for looking at/prioritizing bugs within WebKit? > > Thanks, > Keith > > > > > The FF/IE behavior looks to be in disagreement with the spec: > > > > http://www.w3.org/TR/XMLHttpRequest/#send > > > > So it seems like both the spec and our code should be changed. > > > > Please file a bug: > > http://webkit.org/quality/reporting.html > > > > Bugs reported on the mailing list are unlikely to be fixed unless also > > added to the bugs database. > > > > -eric > > > > > > On Thu, Apr 10, 2008 at 7:37 PM, Keith Kowalczykowski <[EMAIL PROTECTED]> > > wrote: > >> Hi Everyone, > >> > >> I'm having a little problem with Safari (3.1) and the escaping of XML > >> when using XmlHttpRequest. The behavior that I'm seeing is that > >> Safari/Webkit is not properly escaping & and < when sending an XML > document > >> to the server. For example, if I have the following XML document: > >> > >> <foo foo="a&b">a&b</foo> > >> > >> On Firefox/IE, the value sent to the server is: > >> > >> <foo foo"a&b">a&b</foo> > >> > >> However, on Safari, the value is: > >> > >> <foo foo="a&b">a&b</foo> > >> > >> I have included some proof-of-concept code at the end of this email. > Please > >> let me know if there is something obvious that I'm doing wrong, or if > this > >> is really a bug in Safari/Webkit. Thanks. > >> > >> -Keith > >> > >> Sample Code: > >> > >> This code simply creates an XML document that is the same as the example > I > >> gave above. It then creates an XHR object and sends it to the server. The > >> server simply sends the received value back to the client, which is then > >> displayed using an alert dialog. Under IE and FF, this code works fine. > >> Under Safari, however, it does not. > >> > >> test.html > >> > >> <html> > >> <head> > >> </head> > >> > >> <body> > >> </body> > >> <script type="text/javascript"> > >> // Create a new document > >> var dom = document.implementation.createDocument("","", null); > >> > >> // Create the root node > >> var root = dom.appendChild(dom.createElement("foo")); > >> > >> // Add an attribute > >> root.setAttribute("foo", "a&b"); > >> > >> // Add a text node > >> var txt = dom.createTextNode("a&b"); > >> > >> // Append it > >> root.appendChild(txt); > >> > >> // Create the XHR object > >> var xhr = new XMLHttpRequest(); > >> xhr.open("POST", "test.php", true); > >> xhr.onreadystatechange = function() > >> { > >> if (xhr.readyState == 4 && xhr.status == 200) > >> { > >> alert(xhr.responseText); > >> } > >> }; > >> xhr.send(dom); > >> > >> > >> > >> </script> > >> > >> </html> > >> > >> test.php > >> > >> <?php > >> print @file_get_contents('php://input'); > >> ?> > >> > >> > >> _______________________________________________ > >> webkit-dev mailing list > >> webkit-dev@lists.webkit.org > >> http://lists.webkit.org/mailman/listinfo/webkit-dev > >> > > > _______________________________________________ > webkit-dev mailing list > webkit-dev@lists.webkit.org > http://lists.webkit.org/mailman/listinfo/webkit-dev > _______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo/webkit-dev