Re: XMLATTRIBUTES vs. values of type XML

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Florian Pflug <fgp(at)phlo(dot)org>
Cc: PG Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: XMLATTRIBUTES vs. values of type XML
Date: 2011-07-27 21:08:48
Message-ID: 1311800928.5508.20.camel@vanquo.pezone.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On ons, 2011-07-27 at 19:37 +0200, Florian Pflug wrote:
> > Per SQL standard, the attribute values may not be of type XML, so
> maybe
> > we should just prohibit it.
>
> We probably should have, but I think it's too late for that. I don't
> believe I'm the only one who uses XPATH results as attribute values,
> and we'd severely break that use-case.
>
> You might say the same thing about my proposal, of course, but I
> believe
> the risk is much smaller there. Applications would only break if they
> (a) Pass XML from a source other than a XPath expression selecting
> a text or attribute and
> (b) actually want double-escaping to occur.

Well, offhand I would expect that passing an XML value to XMLATTRIBUTES
would behave as in

SELECT XMLELEMENT(NAME "t", XMLATTRIBUTES(XMLSERIALIZE(content '&amp;'::XML AS text) AS "a"))

which is what it indeed does in 9.1.

So if we don't want to restrict this, for backward compatibility, then I
would suggest that we fix it to work like it used to.

I would be very hesitant about adding another escape mechanism that
escapes some things but not others. We already have two or three of
those for XML, and it doesn't seem worth adding another one just for
this, which is outside the standard and for which a valid workaround
exists.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Eisentraut 2011-07-27 21:19:02 Re: psql: bogus descriptions displayed by \d+
Previous Message Alvaro Herrera 2011-07-27 20:27:55 Re: SSI error messages