On Tuesday 25 January 2005 16:16, Daniel Veillard wrote:
> On Tue, Jan 25, 2005 at 04:08:42PM +0100, Samuel D�az Garc�a wrote:
> If you trust the XML File content, why do you validate it ?
> If you don't trust the XML File content, how can you trust that
> specific attribute value ?
> A Schemas/DTD is a contract between a provider and consumer,
> I would never blindly trust a contract coming with the product, that's
> why I don't believe in the whole xsi (instance schemas informations).
I agree, when the consumer is arbitrary and principles such that all input is
evil applies, XSI defeats the purpose of the safety barrier("You should let
me through because I have written it on my card!")
But when the compromisation threat is smaller, such as when the provider won't
intentionally try to break it, or when an error is more acceptable(doing
simple, manual testing), it could be that the problems XSI brings are outrun
by the practical issues it solves: associating a document instance with a
Schema. For example, I would find XSI practical when doing manual
validations, but doubtable when doing runtime validation. Of course, that
doesn't mean the XSI mechanism as a whole is justified, or that its pros
cannot be achieved in other ways.
Cheers,
Frans
_______________________________________________
xml mailing list, project page http://xmlsoft.org/
[email protected]
http://mail.gnome.org/mailman/listinfo/xml
