No, really, catalogs matter.

Back in 2004, I wrote up my harsh lesson in using a validating parser and why you should use an XML Catalog in your systems.

Last week, Netscape temporarily removed the DTD for RSS 0.91 from their site, and things promptly went south.

In response to that mess, Henri Sivonen points out that if you’re sending XML (not HTML) over the wire, there’s no reason to attach a Doctype declaration, and consuming applications should use internal Catalogs if they want to validate what they get over the wire.

I echo Sivonen’s reminder that you should declare a DTD when sending HTML, since browsers know to either ignore it or use a local version of the DTD.

Sivonen also mentions, in passing, the Billion Laughs attack. Which, to my shame, I’d missed.

Possibly Related posts (machine generated):

  1. Really, Catalogs Matter
  2. Black Box Parsing and Wireless Web Nostalgia
  3. Markup Abuse: some comments on the XML panacea
  4. Limbaugh v. Postrel
  5. Some Technical Difficulties, or Bill broke the parser…

More like this: , , .

This entry was written by Bill Humphries and posted on January 18, 2007 at 10:56 am and filed under programming. Bookmark the permalink. Follow any comments here with the Atom feed for this post. Both comments and trackbacks are currently closed.
  • http://hsivonen.iki.fi/ Henri Sivonen

    Actually, the reason to use a doctype (not just any but a good one) is to activate the standards layout mode. I am not aware of any HTML browser that used a local DTD. (Some XHTML browsers do map certain public IDs to local abridged DTDs, though.)

    Thanks for the linkage.

blog comments powered by Disqus