mirror of
https://github.com/libexpat/libexpat.git
synced 2025-04-05 21:24:59 +00:00
lib|doc: Add a note on namespace URI validation
This commit is contained in:
parent
5dd5218297
commit
c57bea96b7
2 changed files with 14 additions and 0 deletions
|
@ -974,6 +974,14 @@ the local part will be concatenated without any separator - this is intended
|
|||
to support RDF processors. It is a programming error to use the null separator
|
||||
with <a href= "#XML_SetReturnNSTriplet">namespace triplets</a>.</div>
|
||||
|
||||
<p><strong>Note:</strong>
|
||||
Expat does not validate namespace URIs (beyond encoding)
|
||||
against RFC 3986 today (and is not required to do so with regard to
|
||||
the XML 1.0 namespaces specification) but it may start doing that
|
||||
in future releases. Before that, an application using Expat must
|
||||
be ready to receive namespace URIs containing non-URI characters.
|
||||
</p>
|
||||
|
||||
<h4 id="XML_ParserCreate_MM">XML_ParserCreate_MM</h4>
|
||||
<pre class="fcndec">
|
||||
XML_Parser XMLCALL
|
||||
|
|
|
@ -244,6 +244,12 @@ XML_ParserCreate(const XML_Char *encoding);
|
|||
1, 2 or 3 original parts on application level in the element handler
|
||||
may end up vulnerable, so these are advised against; sane choices for
|
||||
a namespace separator are e.g. '\n' (line feed) and '|' (pipe).
|
||||
|
||||
Note that Expat does not validate namespace URIs (beyond encoding)
|
||||
against RFC 3986 today (and is not required to do so with regard to
|
||||
the XML 1.0 namespaces specification) but it may start doing that
|
||||
in future releases. Before that, an application using Expat must
|
||||
be ready to receive namespace URIs containing non-URI characters.
|
||||
*/
|
||||
XMLPARSEAPI(XML_Parser)
|
||||
XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator);
|
||||
|
|
Loading…
Add table
Reference in a new issue