Re: safe HTTP transport of lock comments

On Feb 17, 2005, at 4:40 PM, Julian Foad wrote:
>
>
> I think we might agree that the current acceptance of such characters
> in log messages is a bug.

Hm, yeah, that's sort of what a few of us were saying in IRC. Why
allow at all?

What would be really nice is to declare that all log-messages and
lock-comments *must*

   1. be UTF8
   2. be xml-escapable.

...and then magically enforce this everywhere, on both sides of the
network.

>
>> The goal is a perfectly lossless transport of the lock comment over
>> HTTP [...]
>
> That's a fine goal, and can be achieved simply by enforcing the same
> client-side validity check for lock comments that we (should/will)
> enforce for log messages. Isn't that your perfect world?
>

No, because "bad" log messages get into the repository by means other
than the client: a weird dumpfile, cvs2svn, or any rogue application
using libsvn_fs. We haven't been enforcing things at the fs level.

So we've already fixed a bug whereby control-chars slipped into the
repository, and now mod_dav_svn has to loss-ily escape them when
sending them out.

Perhaps it would be much simpler to declare these control-chars
illegal, block them at the client, and also have mod_dav_svn loss-ily
escape messages as a safeguard.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Feb 18 00:14:36 2005