Re: [xacml] XPath support in the JSON profile

[Bill Parducci <bill@parducci.net>]

OK, sorry for the misunderstanding.

With respect to escaping XML specifically, my preference remains with base64 encoding. It is well a understood, ubiquitous mechanism that doesn't lend itself to the kind of human interpretive issues we have already seen on this thread. I believe any solution will require mechanized transformation to enable human debugging and do not believe the size argument is relevant for reasons stated earlier. 

Thanks

b 


On Nov 15, 2012, at 7:11 AM, David Brossard <david.brossard@axiomatics.com> wrote:

> No, these were 2 separate threads. Not related. Sorry about the confusion.
> 
> I suggest this as the one and only way of escaping XML inside JSON:
> 
> \ should be escaped using \: \\
> " should be escaped using \: \"
> 
> 	• Before: <xmlContent value="the \ is a neat thing">foo "content" with \"" as example</xmlContent>
> 	• After: <xmlContent value=\"the \\ is a neat thing\">foo \"content\" with \\\"\" as example</xmlContent>
> 
> 
> What do you think?
> 
> On Thu, Nov 15, 2012 at 4:06 PM, Bill Parducci <bill@parducci.net> wrote:
> Sorry, I am not following.  This appears to be a transformation (html entities) from what would be in the raw payload. If so, I am not sure what is being accomplished. If the suggestion is to apply a second transformation on top of XML escaping then I suggest that the additional complexity is probably not justified. 
> 
> b
>  
> 
> On Nov 15, 2012, at 6:49 AM, David Brossard <david.brossard@axiomatics.com> wrote:
> 
>> Bill,
>> 
>> I meant escaped XML/HTML using the HTML way of escaping things.
>> 
>> Try:
>> 
>> <html>
>> <body>
>> foo &lt;elem&gt;some stuff&lt;/elem&gt;
>> </body>
>> </html>
>> 
>> save it to foo.html and open it.
>> 
>> On Thu, Nov 15, 2012 at 3:47 PM, Bill Parducci <bill@parducci.net> wrote:
>> Opening the latter in Chrome yields:
>> 
>> foo \"content\" with \\\"\" as example
>> 
>> I think perhaps you misspoke re: being able to read this in a browser...at least inasmuch as it being a viable mechanism for debugging ;)
>> 
>> b
>> 
>> On Nov 15, 2012, at 6:13 AM, David Brossard <david.brossard@axiomatics.com> wrote:
>> 
>> > I just realized that I am not being very consistent here.
>> >
>> > \ should be escaped using \: \\
>> > " should be escaped using \: \"
>> >
>> >       • Before: <xmlContent value="the \ is a neat thing">foo "content" with \"" as example</xmlContent>
>> >       • After: <xmlContent value=\"the \\ is a neat thing\">foo \"content\" with \\\"\" as example</xmlContent>
>> > What do you think?
>> 
>> 
>> 
>> 
>> -- 
>> David Brossard, M.Eng, SCEA, CSTP
>> Product Manager
>> +46(0)760 25 85 75
>> Axiomatics AB
>> Skeppsbron 40
>> S-111 30 Stockholm, Sweden
>> http://www.linkedin.com/companies/536082
>> http://www.axiomatics.com
>> http://twitter.com/axiomatics
> 
> 
> 
> -- 
> David Brossard, M.Eng, SCEA, CSTP
> Product Manager
> +46(0)760 25 85 75
> Axiomatics AB
> Skeppsbron 40
> S-111 30 Stockholm, Sweden
> http://www.linkedin.com/companies/536082
> http://www.axiomatics.com
> http://twitter.com/axiomatics