peteg's blog - AYAD - Project - 2008 03 23 XHtml

Simplifying the XHTML DTD for fun and profit.

Sun, Mar 23, 2008./AYAD/Project | Link

For the usual reasons it seemed best to use FCKeditor as an input widget for HOPE. I had hoped to provide some kind of hacker-friendly markup but time is short and convincing FCKeditor to generate it would probably require some heart surgery. So XHTML everywhere it is.

Clearly this path should lead to paranoia; we can't allow users to submit arbitary strings, or even arbitary XHTML. My heavyweight solution is to validate such submissions against a stripped-down XHTML DTD using HaXml. So far I've removed forms, scripts and restricted the attributes of <a> to just href. I wish the DTD was readable; it is merely an algebraic data type afterall.

Combined with some thorough string-escaping for the other inputs and a tendency to cop-out (crash) on anything that doesn't completely conform to expectations, I think we will be all right.

You can try your hand here. Any and all feedback is much appreciated.

In related news I've uploaded my FCKeditor "server-side integration" Haskell library to Hackage. Find that here.

Categories

Fellow Travellers

Josef
mrak
Peodair
Tim
Vijay
Waleed

Archives

2024 (45)
- April (8)
- March (10)
- February (12)
- January (15)
2023 (188)
- December (16)
- November (18)
- October (17)
- September (21)
- August (10)
- July (22)
- June (18)
- May (11)
- April (11)
- March (11)
- February (21)
- January (12)
2022 (188)
- December (16)
- November (18)
- October (13)
- September (15)
- August (11)
- July (23)
- June (14)
- May (14)
- April (15)
- March (13)
- February (19)
- January (17)
2021 (151)
- December (14)
- November (13)
- October (12)
- September (12)
- August (15)
- July (12)
- June (13)
- May (12)
- April (4)
- March (10)
- February (14)
- January (20)
2020 (169)
- December (27)
- November (10)
- October (21)
- September (6)
- August (12)
- July (17)
- June (10)
- May (15)
- April (16)
- March (10)
- February (11)
- January (14)
2019 (332)
- December (16)
- November (28)
- October (16)
- September (18)
- August (28)
- July (23)
- June (20)
- May (26)
- April (34)
- March (43)
- February (40)
- January (40)
2018 (331)
- December (39)
- November (40)
- October (26)
- September (21)
- August (17)
- July (23)
- June (27)
- May (21)
- April (27)
- March (29)
- February (24)
- January (37)
2017 (235)
- December (32)
- November (23)
- October (13)
- September (15)
- August (7)
- July (15)
- June (17)
- May (26)
- April (11)
- March (23)
- February (26)
- January (27)
2016 (164)
- December (29)
- November (11)
- October (26)
- September (15)
- August (9)
- July (7)
- June (6)
- May (18)
- April (15)
- March (12)
- February (5)
- January (11)
2015 (186)
- December (16)
- November (11)
- October (14)
- September (16)
- August (22)
- July (13)
- June (6)
- May (15)
- April (22)
- March (17)
- February (14)
- January (20)
2014 (188)
- December (16)
- November (15)
- October (18)
- September (21)
- August (12)
- July (18)
- June (11)
- May (18)
- April (9)
- March (11)
- February (18)
- January (21)
2013 (230)
- December (27)
- November (24)
- October (19)
- September (20)
- August (21)
- July (12)
- June (8)
- May (23)
- April (18)
- March (20)
- February (14)
- January (24)
2012 (221)
- December (23)
- November (20)
- October (21)
- September (14)
- August (15)
- July (12)
- June (21)
- May (15)
- April (21)
- March (18)
- February (20)
- January (21)
2011 (226)
- December (16)
- November (29)
- October (22)
- September (21)
- August (13)
- July (19)
- June (17)
- May (7)
- April (12)
- March (20)
- February (26)
- January (24)
2010 (298)
- December (24)
- November (28)
- October (17)
- September (24)
- August (22)
- July (22)
- June (14)
- May (9)
- April (22)
- March (34)
- February (34)
- January (48)
2009 (247)
- December (34)
- November (19)
- October (17)
- September (19)
- August (13)
- July (15)
- June (16)
- May (19)
- April (16)
- March (36)
- February (21)
- January (22)
2008 (202)
- December (27)
- November (14)
- October (17)
- September (19)
- August (20)
- July (14)
- June (5)
- May (19)
- April (14)
- March (25)
- February (16)
- January (12)
2007 (287)
- December (13)
- November (22)
- October (12)
- September (10)
- August (14)
- July (14)
- June (24)
- May (32)
- April (30)
- March (38)
- February (35)
- January (43)
2006 (265)
- December (49)
- November (48)
- October (32)
- September (36)
- August (30)
- July (6)
- June (12)
- May (9)
- April (8)
- March (8)
- February (8)
- January (19)
2005 (99)
- December (9)
- November (12)
- October (5)
- August (1)
- March (12)
- February (31)
- January (29)
2004 (139)
- December (12)
- November (21)
- October (9)
- September (16)
- August (4)
- July (33)
- June (12)
- May (7)
- April (11)
- March (7)
- February (5)
- January (2)
2003 (22)
- December (5)
- November (3)
- October (2)
- September (2)
- August (9)
- April (1)

Site