[XML-SIG] Big Bug? (was:Pretty-printing DOM trees)

Lars Marius Garshol larsga@ifi.uio.no
23 Jan 1999 11:43:59 +0100

* Dieter Maurer
| I have investigated the problem further:
| "xmlproc" requires *ALL* attribute values to be enclosed in either
| single or double quotes.

This is correct, simply because the XML standard also requires this.
A document that does not quote all it's attribute values is not
well-formed and thus not considered an XML document at all. In fact,
by continuing to report data events to the client after a
well-formedness error, xmlproc violates the standard. 

Since it appears to be so common to not use error handlers, perhaps I
should make it conform. What do people think?
| The problem is caused by your
| <Darreichung zulassungsnummer="29117.00.00" code="200523"
|              datum="010195" status=F>
| more precisely, the "status=F", where the "F" is not enclosed in
| quotes.
| "xmlproc" sees the problem and reports an error "3016"

Almost correct, it reports 3004: "One of ' or " expected".

| (you will see it, if you install an error handler).

Just a tip: my experience is that if you don't always install error
handlers little nitty problems with your XML will cause you a lot of
headaches that you can't figure out at first. 

xml.sax.saxutils contains two default error handlers that you can plug
in and use directly. One prints errors, the other raises exceptions.

| Then it skips beyond the closing '>'.

This is correct. This is xmlproc in 'panic mode'. Since it doesn't do
tokenization it has no clues as to what is coming up next, and tries
to skip to the end of the start tag.

| However, it is still in attribute processing for "Darreichung" -- an
| "xmlproc" bug.

So it is. Even though the application has no right to expect correct
information about the document any more, it is pointless not to get
this right when it is so easy to do it. We'll pay a slight performance
penalty for it, though.

Thank you very much for diagnosing the problem so clearly. I'll fix
this now so that the problem does not occur in 0.60. (0.60, by the
way, should have full support for parameter entities.)

--Lars M.