ID: 44648
Comment by: geoffers+phpbugs at gmail dot com
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: DOM XML related
Operating System: Windows Vista
PHP Version: 5.2.5
Assigned To: rrichards
New Comment:
While we should be throwing exceptions when strictErrorChecking is
true,
behaviour when it is false is undefined. I would suggest in that case
to
keep allowing everything.
Previous Comments:
------------------------------------------------------------------------
[2008-04-06 04:15:54] [EMAIL PROTECTED]
You're right, that was my mistake.
I suppose that any of the places where the DOM specification could
raise an exception would be the places where there needs to be
error-checking.
Ought of curiosity, how come we don't use gdome2?
------------------------------------------------------------------------
[2008-04-05 23:22:24] [EMAIL PROTECTED]
You should read the specs more closely. Names are most certainly
checked
and a DOMException with an INVALID_CHARACTER_ERROR error is thrown.
Some of the others I need to look at because it is perfectly fine to
create non well formed XML using DOM though it should error during
serialization, so for those the bug would onl be in the saveXML
routine.
Other extensions it is not a bug because non-well formed XML support is
required because the output when used in a larger context is well
formed
------------------------------------------------------------------------
[2008-04-05 23:02:49] [EMAIL PROTECTED]
One more: ]]> is not allowed in CDATA blocks.
I also suspect that the other XML extensions have bugs here.
------------------------------------------------------------------------
[2008-04-05 23:02:02] [EMAIL PROTECTED]
IIRC, DOM does not make any demands on names or things like that.
libxml2, which is known for its strictness, doesn't either. So, I'm
still hoping that you'll let the checks be turned off. :-)
Some things from my investigation:
- Double hyphens (--) are not allowed in comments
- Most of the text inputs don't check for UTF-8 well-formedness.
Haven't tested numeric character entities either, but those are
suspicious
- Fake namespace declarations in attributes
($d->appendChild($d->createElement('foo:bar')); results in invalid XML,
as foo namespace was never defined)
All these result in a $d->saveXML(); that is invalid XML, and probably
some more.
------------------------------------------------------------------------
[2008-04-05 22:54:04] [EMAIL PROTECTED]
assign to self.
The strictness is dependent upon the DOM specs and setAttribute should
be throwing an exception in that case. While I am going to go through
and check other methods, let me know if you come across any others that
are not validating names correctly.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/44648
--
Edit this bug report at http://bugs.php.net/?id=44648&edit=1
