[Standards] Handling for characters that have entities, but XML does not require them to be escaped

Peter Saint-Andre stpeter at jabber.org
Mon Jul 23 07:35:29 UTC 2007

Hi Matthias!

Matthias Wimmer wrote:
> Hi!
> There are several characters, that have predefined entities in XML, but
> that do not need to be escaped in XML.
> Examples for such characters are > ' and " in text nodes.
> E.g. due to the XML standard the following stanza would be valid XML:
> <message to='user at example.com' from='user at example.net'><body>Yes, a >
> b!</body></message>
> ... while RFC 3920 forbidds to generate such XML when used as XMPP.


> RFC3920bis even requires a server to check that this type of XML is not
> used and that a stream error has to be generated, if it is received.

We tried to clarify the error handling in rfc3920bis, and that text
reflected list consensus.

> So I have two questions regarding this:
> Why at all do these characters have to be escaped?

I don't know. IIRC, that was text from an early version of
draft-ietf-xmpp-core and I think I agree with you that it should not be
necessary to escape those characters in XMPP.

> I it really necessary, that RFC 3920bis mandates a server to reject such
> XMPP streams? I very much dislike this requirement, as it would require
> me to implement my own XML parser, as I don't know any parser I could
> use, that could be configured to notice me that these characters have
> been received unescaped.

If we change the text regarding restricted XML features (i.e., say that
the characters that don't need to be escaped in XML don't need to be
escaped in XMPP), would you still object to the error handling?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7354 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070723/6a5c6771/attachment.bin>

More information about the Standards mailing list