-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Lennart Regebro Sent: Thursday, December 19, 2002 3:11 PM To: danielle.d-avout; zope@zope.org Subject: Re: [Zope] sorry to insist! I'm a feeling that I must dare to write this message: don't allow bad entities ruin the code
From: "danielle.d-avout" <danielle.d-avout@wanadoo.fr>
http://www.zope.org/feedback_site_form?whats_up=Register&origin_ur l=http://w
ww.zope.org/Register will work but it is mere luck, it is not W3C compliant it should be for example instead of &origin &origin
Huh? & has always been used to delimit different parameters in a get URL. Are you saying that this is incorrect?
Danielle is right, it is incorrect but only in things that need to validate (HTML, XML). If you are talking in ASCII email, using & alone is just fine (and using & will probably not work). To express it a little more clearly: URLs can have '&' in them, it's just fine. But when an URL occurs as an HTML attribute, like: <a href="http://blah?foo=baz&blah=yarg">hi</a> Using a stand alone '&' is incorrect as '&' in an attribute is the signal for an entity. It really should be '&' Having said that, I can't imagine any major browser ever enforcing this requirement in the next 10-15 years. I also wouldn't consider it "just luck".