XHTML严格解决什么问题？ [英] What problem does XHTML strict solve?

问题描述

我真的不明白XHTML严格的魅力。内联JavaScript通常需要一个逃脱鼠窝以使其与XHTML兼容，并且与MSIE 5& 6.然后在用户输入上存在不足OCD的问题，以确保不会错过任何非法字符。它的价值似乎更加努力。不要忘记，几乎每个我一直工作的开发人员都会忘记确保从服务器返回的内容类型为XHTML页面从text / html复制到application / xhtml + xml。

希望我知道博主的名字，但有人指出，大多数被认为符合XHTML的网站和开源软件包实际上并不是因为最后一个问题，因为忘记正确设置内容类型标题。

我正在理解为什么XHTML是有用的，或者构建了足够多的论据库，以防止它在将来影响我的项目中使用。 / p>

解决方案

XHTML1 vs HTML4以及Strict vs Transitional是完全正交的问题。

XML今天可能不会给浏览器带来任何巨大的好处，但在服务器端，使用XML处理文档比处理旧式SGML-excep t-not-really HTML4。

将自己限制在[X] HTML Strict本身并没有达到任何目的，除了阻止使用旧的，更少的 -

内联javascript通常需要一个逃脱鼠窝以使其与XHTML兼容

p>

只要您不使用字符<或& ;.和'//< [CDATA ['并不比'< ！''在过去的日子里。

在任何情况下，保持外部脚本更易于管理;你不希望做任何重要的内联。

然后，在用户输入中存在不足OCD的问题以确保您不会错过任何非法字符。

HTML4 Transitional中的带外字符与XHTML1 Strict中的无效字符完全一样。

如果您接受用户提交的HTML，并且没有使用足够精细的梳齿来检查/转义它以防止格式错误，那么您的问题就不仅仅是遵守文档类型。你会让注入黑客通过，并使您的网站易受跨站点脚本安全漏洞。

忘记确保内容 - 从服务器返回的类型被重置为XHTML页面从文本/ html到应用程序/ html + xml。

这不是'忘记'，这是故意的：今天在提供application / xhtml + xml方面没有多少意义。为了说明IE，你必须嗅探UA，然后确保你理解在两种解析模式下弹出的CSS和JavaScript差异......你可以这样做来证明你的技术实力，但它并不能真正帮助你。

将XHTML用作遗留HTML可能并不理想，但它可以让您保留更简单，更可处理的XML语法（以及与其他XML语言（如SVG）的潜在互操作性）同时仍然是浏览器友好的。

人们抱怨格式错误的挑剔性，但是马上为您解决这些错误会更好比悄悄地将它们留在那里，准备好去浏览一些未来的浏览器。

I really don't understand the fascination with XHTML strict. Inline JavaScript typically requires a rats nest of escapes to make it compatible with XHTML and semi-backwards compatible with MSIE 5 & 6. Then there is the issue of not being OCD enough on user input to make sure you don't miss any illegal characters. It just seems like more effort then its worth. Nevermind that almost every developer I've worked along side of keeps forgetting to ensure the content-type returned from the server is reset for XHTML pages from text/html to application/xhtml+xml.

Wish I knew the name of the blogger, but someone else pointed out that a majority of supposedly XHTML compliant websites and open source packages are actually not because of that last issue, forgetting to set the content-type header correctly.

I'm looking to understand why XHTML is useful, or build enough of an arsenal of arguments to prevent it ever being used in future projects that I have influence on.

解决方案

XHTML1 vs HTML4 and Strict vs Transitional are completely orthogonal issues.

XML might not give any huge advantage to browsers today, but on the server end it's an order of magnitude easier to process documents using XML than trying to parse the mess that is old-school-SGML-except-not-really HTML4.

Restricting yourself to [X]HTML Strict doesn't achieve anything in itself, other than simply that it discourages the use of old, less-maintainable techniques you shouldn't be using anyway.

Inline javascript typically requires a rats nest of escapes to make it compatible with XHTML

You can get away without any escapes as long as you don't use the characters < or &. And ‘// < [CDATA[’ isn't really much worse than ‘< !--’ was in the old days.

In any case, keeping the scripting external is much more manageable; you don't want to be doing anything significant inline.

Then there is the issue of not being OCD enough on user input to make sure you don't miss any illegal characters.

Out-of-band characters are exactly as invalid in HTML4 Transitional as in XHTML1 Strict.

If you're accepting user-submitted HTML and not checking/escaping it with enough of a fine tooth comb to prevent well-formedness errors you have much bigger problems than just complying with a doctype. You'll be letting injection hacks through and making your site vulnerable to cross-site-scripting security holes.

forgetting to ensure the content-type returned from the server is reset for XHTML pages from text/html to application/html+xml.

It's not ‘forgetting’, it's deliberate: there is not really that much point in serving application/xhtml+xml today. To account for IE you have to sniff UA, and then make sure you understand the CSS and JavaScript differences that pop up in both parsing modes... you can do it to prove your technical prowess, but it doesn't really get you anything.

Serving XHTML as legacy HTML may not be ideal, but it lets you keep the simpler, more processable syntax of XML (and potential interoperability with other XML languages like SVG) whilst still being browser-friendly.

People complain about the pickiness of the well-formedness errors, but having those errors picked up straight away for you to fix them is way better than leaving them there silently, ready to trip up some future browser.

这篇关于XHTML严格解决什么问题？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！