[OSM-talk] Re: [OSM-dev] API 0.3 - Map call

[Thomas Walraet]

Immanuel Scholz a écrit :
> 
> If you want, we can start a very abstract and theoretical discussion of
> what are the difference between attributes and text nodes in the spirit of
> xml...
> But we may also stick to practical aspects. ;-)

It's a practical aspect to put user values in text node. When it's in 
attributes, you have to specify how to escape ", CR, etc.


>>> <tag k="foo"><tag k="bar">I am mean</tag></tag>
>>>
>>> (This would be legal
>> This should be illegal (easy to do in DTD or schema)
> 
> Do you mean: It should be illegal to enter a value which is in xml format
> containing the tag "tag"? Then I strongly disagree. I don't want to
> restrict the user unnecessary when entering its beloved tags. And "the
> output while transferring to the server is not humans-readible" is not a
> necessary enough reason! ;-)

The part <tag k="bar">I am mean</tag> is a value, so parser have to 
ignore it.

If you give <tag k="foo"><tag k="bar">I am mean</tag></tag> to a parser, 
it will consider the second <tag> has a node. Bad.

If you use the XPath query "//tag" on your file, the result set will 
contain the k="bar" tag. Bad bad bad.


I'm agree not to restrict the user. That's a reason why CDATA section 
exists ;)


>> <tag k="foo"><![CDATA[<tag k="bar">I am mean</tag>]]></tag> is the right
>> way to do it IMHO.
>> (but CDATA nodes are bad for human readability)
> 
> Urks! I didn't even know this is possible in XML.. Looks terrible to me!
> And I doubt simple parsers like MinML can read this (if even I can't read
> it ;).

CDATA sections are really important in XML. Even the simpliest parser 
should them.


Options for putting user data on a XML file are :
- In attributes but then we should forbid or escape ", ', carriage 
returns and probably many other chars
- In text node but then we should escape <, >, &, ...
- In CDATA sections


The attributes solution seems easier and is really more human readable. 
For an XML file read 99,99% of time by a parser, CDATA sections have my 
preference.

But I also prefer to see new features and ui improvements on OSM instead 
of another API change or abstract discussion about XML (really!).
With the current choice, I just want to point that extra care is needed 
on controlling inputs and escaping special characters.


Ciao,
-- 
Thomas Walraet (still arguing and not doing anything)