[OSM-dev] broken utf8 in minute changeset 200907140650
Tom Hughes
tom at compton.nu
Tue Jul 14 17:59:21 BST 2009
On 14/07/09 17:42, Ævar Arnfjörð Bjarmason wrote:
> On Tue, Jul 14, 2009 at 4:19 PM, Tom Hughes<tom at compton.nu> wrote:
>> On 14/07/09 17:09, Ævar Arnfjörð Bjarmason wrote:
>>
>>> Yes from a client point of view. But the server portion of Potlatch
>>> shouldn't trust the client side to do data validation. Doing
>>> server-side content validation equivalent to the main API would have
>>> prevented both the issue described in ticket:1936 and presumably this
>>> issue too.
>> No it wouldn't prevented this issue, because the main API checks for valid
>> UTF-8, which this was. The problem in this case was that it was a UTF-8
>> control character which is not valid in XML and both APIs allow those
>> through at the moment.
>
> Yes the main API checks for valid UTF-8 once it gets a hold of it, but
> the main API also *incidentally* does further validations when it does
> XML parsing via libxml, which is where it'll reject things which makes
> XML parsers puke.
Yes OK, but that is basically an accident and not deliberate. Which is
also why it doesn't give a very helpful error.
Tom
--
Tom Hughes (tom at compton.nu)
http://www.compton.nu/
More information about the dev
mailing list