[Xapian-devel] opensearch template

James Aylett james-xapian at tartarus.org
Tue Jan 3 17:48:58 GMT 2006


On Tue, Jan 03, 2006 at 05:41:25PM +0000, Olly Betts wrote:

> > If you do, the < and > in the $highlight{...} need to change to
> > < and > respectively, or you'll have "double escaped" them.
> 
> I think the double escaping is correct.

No, you're completely right. Silly me.

> > In theory we can re-work opensearch over Atom, but you get into fiddly
> > areas because Atom requires GUIDs. There wasn't enough interest on the
> > Atom list to get anywhere with the idea, as far as I can tell (and
> > neither Richard nor I have had time).
> 
> I think it's been done now - the opensearch site talks about use with
> RSS or Atom anyway.

There were issues with the simplicity of opensearch some people wanted
to address. Also trying to get a solid specification for opensearch+
rather than one which relies on the underlying definitions.

> > The opensearch template isn't really finished - it was more a quick
> > hack to see how fiddly it would be.
> 
> OK, but we really shouldn't be shipping stuff with missing escaping.

Absolutely. I don't remember deciding to ship it, which probably means
it was a mistake.

> That's where XSS security holes come from...

Well, (a) we shouldn't be building XML without at least running it
through a well-formedness check; (b) HTML shouldn't really be embedded
using escaping, it should be done by reference or in CDATA which is a
big step towards avoiding XSS-like problems because it removes the
multi-escaping issue entirely.

CDATA inside RSS causes problems for some clients, however (bah). (a)
is probably worth looking at at some point - a mechanism which allows
omega to run the generated string through an empty SAX parser to check
it isn't rubbish.

That doesn't solve the problem, however. I'm not convinced building
XML using omegascript is a good idea; we should be using a tool built
on GenX or something. (Now... a variant of omegascript that outputs
generated XML where the presence or absence of elements/data was
configurable - that would be very nice. If it could feed into an STX
processor, so much the better.)

J

-- 
/--------------------------------------------------------------------------\
  James Aylett                                                  xapian.org
  james at tartarus.org                               uncertaintydivision.org



More information about the Xapian-devel mailing list