[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] XPath support in the JSON profile
Sounds reasonable to me. b On Nov 15, 2012, at 7:44 AM, David Brossard <david.brossard@axiomatics.com> wrote: > The profile could offer both approaches. Base64 sounds easy and safe. > > The XML (JSON-escaped) could be another, more readable option. > > Thoughts? > > On Thu, Nov 15, 2012 at 4:30 PM, Bill Parducci <bill@parducci.net> wrote: > OK, sorry for the misunderstanding. > > With respect to escaping XML specifically, my preference remains with base64 encoding. It is well a understood, ubiquitous mechanism that doesn't lend itself to the kind of human interpretive issues we have already seen on this thread. I believe any solution will require mechanized transformation to enable human debugging and do not believe the size argument is relevant for reasons stated earlier. > > Thanks > > b > > > On Nov 15, 2012, at 7:11 AM, David Brossard <david.brossard@axiomatics.com> wrote: > > > No, these were 2 separate threads. Not related. Sorry about the confusion. > > > > I suggest this as the one and only way of escaping XML inside JSON: > > > > \ should be escaped using \: \\ > > " should be escaped using \: \" > > > > • Before: <xmlContent value="the \ is a neat thing">foo "content" with \"" as example</xmlContent> > > • After: <xmlContent value=\"the \\ is a neat thing\">foo \"content\" with \\\"\" as example</xmlContent> > > > > > > What do you think? > > > > On Thu, Nov 15, 2012 at 4:06 PM, Bill Parducci <bill@parducci.net> wrote: > > Sorry, I am not following. This appears to be a transformation (html entities) from what would be in the raw payload. If so, I am not sure what is being accomplished. If the suggestion is to apply a second transformation on top of XML escaping then I suggest that the additional complexity is probably not justified. > > > > b > > > > > > On Nov 15, 2012, at 6:49 AM, David Brossard <david.brossard@axiomatics.com> wrote: > > > >> Bill, > >> > >> I meant escaped XML/HTML using the HTML way of escaping things. > >> > >> Try: > >> > >> <html> > >> <body> > >> foo <elem>some stuff</elem> > >> </body> > >> </html> > >> > >> save it to foo.html and open it. > >> > >> On Thu, Nov 15, 2012 at 3:47 PM, Bill Parducci <bill@parducci.net> wrote: > >> Opening the latter in Chrome yields: > >> > >> foo \"content\" with \\\"\" as example > >> > >> I think perhaps you misspoke re: being able to read this in a browser...at least inasmuch as it being a viable mechanism for debugging ;) > >> > >> b > >> > >> On Nov 15, 2012, at 6:13 AM, David Brossard <david.brossard@axiomatics.com> wrote: > >> > >> > I just realized that I am not being very consistent here. > >> > > >> > \ should be escaped using \: \\ > >> > " should be escaped using \: \" > >> > > >> > • Before: <xmlContent value="the \ is a neat thing">foo "content" with \"" as example</xmlContent> > >> > • After: <xmlContent value=\"the \\ is a neat thing\">foo \"content\" with \\\"\" as example</xmlContent> > >> > What do you think? > >> > >> > >> > >> > >> -- > >> David Brossard, M.Eng, SCEA, CSTP > >> Product Manager > >> +46(0)760 25 85 75 > >> Axiomatics AB > >> Skeppsbron 40 > >> S-111 30 Stockholm, Sweden > >> http://www.linkedin.com/companies/536082 > >> http://www.axiomatics.com > >> http://twitter.com/axiomatics > > > > > > > > -- > > David Brossard, M.Eng, SCEA, CSTP > > Product Manager > > +46(0)760 25 85 75 > > Axiomatics AB > > Skeppsbron 40 > > S-111 30 Stockholm, Sweden > > http://www.linkedin.com/companies/536082 > > http://www.axiomatics.com > > http://twitter.com/axiomatics > > > > > -- > David Brossard, M.Eng, SCEA, CSTP > Product Manager > +46(0)760 25 85 75 > Axiomatics AB > Skeppsbron 40 > S-111 30 Stockholm, Sweden > http://www.linkedin.com/companies/536082 > http://www.axiomatics.com > http://twitter.com/axiomatics
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]