Re: HTML5 encodings (was: Re: BOCU patent)

From: Doug Ewell (doug@ewellic.org)
Date: Mon Dec 28 2009 - 22:19:46 CST

Next message: Doug Ewell: "Re: HTML5 encodings"

Previous message: Asmus Freytag: "Re: Filtering and displaying untrusted UTF-8"
In reply to: Peter Krefting: "Re: HTML5 encodings (was: Re: BOCU patent)"
Next in thread: Philippe Verdy: "Re: HTML5 encodings (was: Re: BOCU patent)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Peter Krefting <peter at opera dot com> wrote:

>> UTF-32 is stateful/poses a security risk?
>
> If mistakenly interpreted as UTF-16 by a web browser that does not
> support UTF-32, it would introduce nul characters into the character
> stream, which may cause interesting problems.

Creating standards that forbid conformant browsers to support certain
encodings, discourage them from supporting others, and require them to
interpret others as if they were something else, doesn't exactly seem
like a constructive way to avoid problems like this.

--
Doug Ewell  |  Thornton, Colorado, USA  |  http://www.ewellic.org
RFC 5645, 4645, UTN #14  |  ietf-languages @ http://is.gd/2kf0s

Next message: Doug Ewell: "Re: HTML5 encodings"
Previous message: Asmus Freytag: "Re: Filtering and displaying untrusted UTF-8"
In reply to: Peter Krefting: "Re: HTML5 encodings (was: Re: BOCU patent)"
Next in thread: Philippe Verdy: "Re: HTML5 encodings (was: Re: BOCU patent)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.5 : Mon Dec 28 2009 - 22:21:41 CST