[Standards-JIG] JEP-0017 Framing: Why was it rejected?

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Oct 20 22:39:55 UTC 2004


On Wednesday 20 October 2004 03:13 pm, Trejkaz Xaoza wrote:
> On Wed, 20 Oct 2004 19:16, Justin Karneges wrote:
> > As far as I know, extra character data can be present unless it is
> > explicitly disallowed (or used for something else).  I assume the
> > <stream> element doesn't have this restriction, else we'd all be
> > violating the spec by sending those "whitespace pings".
>
> The different there is that whitespace is ignorable when it occurs between
> XML elements (i.e., it doesn't affect the XML contents.)

Whitespace counts as CDATA if it occurs between elements, thus affecting the 
content.  However, if an element does not define a use for its CDATA, then 
extra whitespace is harmless.

That said, I'm no longer sure now whether or not this applies to just 
whitespace or all characters.  Maybe only whitespace is legal if the CDATA 
usage is undefined, and other characters are never legal.  But this is not a 
useful discussion, you're right that there are more legitimate ways to frame 
a stanza.

> But as has been mentioned, this really just makes the system easier to
> abuse. The server will still need to parse the content so that they can
> kick off malicious clients, otherwise you have a whole lot of people
> dropping out when their parsers can't cope.  I don't think this would work
> except possibly from server to server (although... then you would just get
> malicious servers.)

As I mentioned in my other mail, framing wouldn't remove the server's 
responsibility to parse a stanza before routing it, otherwise you'd get 
problems like you mention.  Framing would simply allow the server to defer 
parsing to a later time, or to trash the stanza without parsing it.

-Justin



More information about the Standards mailing list