[whatwg] Stability of tokenizing/dom algorithms
Ian Hickson
ian at hixie.ch
Mon Dec 15 13:02:17 PST 2008
On Mon, 15 Dec 2008, Edward Z. Yang wrote:
> Ian Hickson wrote:
> > In general you should be able to just implement what the spec says and
> > then either leave the HTML5 support in (it's unlikely to cause any harm)
> > or just comment out the support for the new elements, that should be
> > relatively easy.
>
> Right, this is mostly what I intended to do. But from what I can tell,
> there's a difference between the design philosophies of HTML 5 and XHTML
> 2.0; XHTML tries to make everything "extensible" and able to be imported
> from other places, while HTML 5 attempts to document what exists, and
> then make sensible additions as necessary. HTML 5 pragmatism makes sense
> for a user-agent, but the XHTML extensibility is useful for a sanitizer,
> which doesn't actually have to render anything and needs to support
> multiple dialects and variants.
Extensibility certainly isn't a priority for HTML5 in text/html, at least
not compared to compatibility, indeed.
I don't really see why a sanitiser needs extensibility though. Could you
elaborate on this? Surely you just want to filter anything that isn't
valid or safe, and only leave the valid safe stuff, using a whitelist.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg
mailing list