[New-bugs-announce] [issue12129] Document Object Model API - validation

Kyle Keating report at bugs.python.org
Sat May 21 00:02:11 CEST 2011

New submission from Kyle Keating <kkeating at gmail.com>:

I was doing some tests on using this library and I noticed xml elements and attribute names could be created with mal-formed xml because special characters which can break validation are not cleaned or converted from their literal forms. Only the attribute values are cleaned, but not the names.

For example

import xml.dom


will just embed a pair of p tags in the xml result. I thought that the xml spec did not permit <, >, &, \n etc. in the element name or attribute name? Could I get some clarification on this, thanks!

components: Library (Lib)
messages: 136402
nosy: Kyle.Keating
priority: normal
severity: normal
status: open
title: Document Object Model API - validation
type: behavior
versions: Python 2.7

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list