You are viewing a plain text version of this content. The canonical link for it is here.
Posted to j-dev@xerces.apache.org by ji...@apache.org on 2004/04/23 19:37:53 UTC
[jira] Closed: (XERCESJ-737) Some invalid IDREFS, ENTITIES, and NMTOKENS attributes not reported during valdiation.
Message:
The following issue has been closed.
Resolver: Michael Glavassevich
Date: Fri, 23 Apr 2004 10:37 AM
Closed.
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/XERCESJ-737
Here is an overview of the issue:
---------------------------------------------------------------------
Key: XERCESJ-737
Summary: Some invalid IDREFS, ENTITIES, and NMTOKENS attributes not reported during valdiation.
Type: Bug
Status: Closed
Resolution: FIXED
Project: Xerces2-J
Components:
DTD
Versions:
2.4.0
Assignee: Michael Glavassevich
Reporter: Michael Glavassevich
Created: Fri, 30 May 2003 5:33 PM
Updated: Fri, 23 Apr 2004 10:37 AM
Environment: Operating System: All
Platform: All
Description:
The DTD validator does not report some invalid IDREFS, ENTITIES, and NMTOKENS.
The problem is in ListDatatypeValidator. It allows the following to slip
through:
1) Attributes of those types containing the character reference . This
reference is legal in XML 1.1, and by default StringTokenizer uses 0x0C as one
of its delimiters. Form feed (0x0C) isn't even XML white space.
2) Attributes of those types which have leading or trailing whitespace chars
after normalization, which you can get if you specify an attribute value with
char references to 0x09, 0x0A, and 0x0D.
3) Attributes of those types which don't meet changes to the Names and Nmtokens
production, as stated in E20 of the XML 1.0 SE Errata
(http://www.w3.org/XML/xml-V10-2e-errata#E20).
In summary, IDREFS, ENTITIES, and NMTOKENS before attribute normalization
cannot contain references to whitespace characters other than 0x20, in order
for them to meet the Names and Nmtokens productions after normalization.
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: xerces-j-dev-unsubscribe@xml.apache.org
For additional commands, e-mail: xerces-j-dev-help@xml.apache.org