OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] XPath support in the JSON profile

The profile could offer both approaches. Base64 sounds easy and safe.

The XML (JSON-escaped) could be another, more readable option.

Thoughts?

On Thu, Nov 15, 2012 at 4:30 PM, Bill Parducci <bill@parducci.net> wrote:
OK, sorry for the misunderstanding.

With respect to escaping XML specifically, my preference remains with base64 encoding. It is well a understood, ubiquitous mechanism that doesn't lend itself to the kind of human interpretive issues we have already seen on this thread. I believe any solution will require mechanized transformation to enable human debugging and do not believe the size argument is relevant for reasons stated earlier.

Thanks

b


On Nov 15, 2012, at 7:11 AM, David Brossard <david.brossard@axiomatics.com> wrote:

> No, these were 2 separate threads. Not related. Sorry about the confusion.
>
> I suggest this as the one and only way of escaping XML inside JSON:
>
> \ should be escaped using \: \\
> " should be escaped using \: \"
>
>       • Before: <xmlContent value="the \ is a neat thing">foo "content" with \"" as example</xmlContent>
>       • After: <xmlContent value=\"the \\ is a neat thing\">foo \"content\" with \\\"\" as example</xmlContent>
>
>
> What do you think?
>
> On Thu, Nov 15, 2012 at 4:06 PM, Bill Parducci <bill@parducci.net> wrote:
> Sorry, I am not following.  This appears to be a transformation (html entities) from what would be in the raw payload. If so, I am not sure what is being accomplished. If the suggestion is to apply a second transformation on top of XML escaping then I suggest that the additional complexity is probably not justified.
>
> b
>
>
> On Nov 15, 2012, at 6:49 AM, David Brossard <david.brossard@axiomatics.com> wrote:
>
>> Bill,
>>
>> I meant escaped XML/HTML using the HTML way of escaping things.
>>
>> Try:
>>
>> <html>
>> <body>
>> foo &lt;elem&gt;some stuff&lt;/elem&gt;
>> </body>
>> </html>
>>
>> save it to foo.html and open it.
>>
>> On Thu, Nov 15, 2012 at 3:47 PM, Bill Parducci <bill@parducci.net> wrote:
>> Opening the latter in Chrome yields:
>>
>> foo \"content\" with \\\"\" as example
>>
>> I think perhaps you misspoke re: being able to read this in a browser...at least inasmuch as it being a viable mechanism for debugging ;)
>>
>> b
>>
>> On Nov 15, 2012, at 6:13 AM, David Brossard <david.brossard@axiomatics.com> wrote:
>>
>> > I just realized that I am not being very consistent here.
>> >
>> > \ should be escaped using \: \\
>> > " should be escaped using \: \"
>> >
>> >       • Before: <xmlContent value="the \ is a neat thing">foo "content" with \"" as example</xmlContent>
>> >       • After: <xmlContent value=\"the \\ is a neat thing\">foo \"content\" with \\\"\" as example</xmlContent>
>> > What do you think?
>>
>>
>>
>>
>> --
>> David Brossard, M.Eng, SCEA, CSTP
>> Product Manager
>> +46(0)760 25 85 75
>> Axiomatics AB
>> Skeppsbron 40
>> S-111 30 Stockholm, Sweden
>> http://www.linkedin.com/companies/536082
>> http://www.axiomatics.com
>> http://twitter.com/axiomatics
>
>
>
> --
> David Brossard, M.Eng, SCEA, CSTP
> Product Manager
> +46(0)760 25 85 75
> Axiomatics AB
> Skeppsbron 40
> S-111 30 Stockholm, Sweden
> http://www.linkedin.com/companies/536082
> http://www.axiomatics.com
> http://twitter.com/axiomatics




--
David Brossard, M.Eng, SCEA, CSTP
Product Manager
+46(0)760 25 85 75
Axiomatics AB
Skeppsbron 40
S-111 30 Stockholm, Sweden
http://www.linkedin.com/companies/536082
http://www.axiomatics.com
http://twitter.com/axiomatics

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]