[oslc-core] Proposal for Issue-25: Encoding of UI preview label
John Arwe
johnarwe at us.ibm.com
Mon Jul 9 13:15:47 EDT 2012
> > Not clear why we're saying that it MUST be HTML-escaped ... that would
imply
> > that the string is in fact always (X)HTML. Certainly true that its
value
> > would have to be XML-escaped as part of serializing it into a
well-formed
> > XML document (I'm not sure of the relationship between HTML-escaping
and
> > XML-escaping to the required level of precision, is one a proper
subset of
> > the other?).
> I believe it is a requirement. If we are expecting that web
> browsers may (after proxying the request and sanity checking for
> potential security issues) just place the string content of the
> <dcterms:title> within an html element, maybe <span>, for easy
> rendering. By doings this, it will keep things consistent (we did
> go through a review with a number of implementations in what they are
doing).
>
It's a requirement IFF the (only? primary?) intended use of the data is
to push it through an HTML rendering engine. Which is a fine use, but
certainly not the only one, certainly not what the existing spec says
"...may be used in the display of a link...". If I push the value into a
log instead/in addition to your intended use, less clear what the value
is/should be. Once you tell me it's a string, I don't think I'm entitled
to assume (in a "follow your nose" sense) anything about its internal
format. By virtue of its occurrence inside a message payload with
Content-Type: application/xml (or ... +xml), I am entitled/required to
assume that its value has been XML-escaped *because of the media type
specification's warrants*.
Your revised draft leaves the "only content valid w/in <span>" HTML
constraint a SHOULD; MUSTing HTML escaping seems even more bizarre in the
context of ("under") a SHOULD. If your intent is "When the content
contains content that is intended to be interpreted as HTML markup, then
it MUST...", I'd be comfortable with that in terms of its effect on
providers; that's not what the draft says today however. Clients I think
are no better/worse off, strictly from a spec perspective, and better off
from an expectations-setting perspective.
If the order of XML/HTML escaping applies matters (alternative orders
yield distinct final outputs on the wire) then we'd also need to specify
escaping order. Presumably a serializer would HTML-escape the value
first, and then XML-escape the entire representation next; a deserializer
would have to reverse that process.
> > oslc:shortTitle as string instead of XML literal seems consistent with
> > dcterms:title, which seems to be important given its description [2].
> >
> >
> > Both value type changes might be seen as incompatible by some
observers. Do
> > we have reason to think that this change is either compatible upon
closer
> > inspection, or it's worth the pain (potential breakage) in existing
> > implementations? Just asking in the hopes that analysis has been
done... I
> > know from personal experience that sometimes the obvious turns out to
be
> > false upon deeper thinking.
>
> Reminder, we are talking about XML elements here and NOT RDF
> vocabulary terms. So what we define within this UI Preview spec and
> oslc:Compat is limited to the usage of those XML elements as child
> elements of oslc:Compact. If there are changes to the core/common
> vocabulary that will be a separate issue to consider. Just want to be
clear.
>
Adding a MUST is incompatible; reducing that MUST's scope of applicability
does help limit the effects. If incompatible change is the price of
fixing something that's just totally broken as it exists today, I can get
over it. Likewise if every reader interprets the spec differently (that's
just another form of totally broken).
Best Regards, John
Voice US 845-435-9470 BluePages
Tivoli OSLC Lead - Show me the Scenario
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://open-services.net/pipermail/oslc-core_open-services.net/attachments/20120709/bbdce8e4/attachment-0003.html>
More information about the Oslc-Core
mailing list