Markdown comments

Michel Fortin michel.fortin at michelf.com
Tue Sep 19 11:53:17 EDT 2006


Le 19 sept. 2006 à 10:52, John Gruber a écrit :


> Jacob Rus <jrus at hcs.harvard.edu> wrote on 9/18/06 at 7:05 PM:

>

>> Let's please stick to this philosophy, and not complicate

>> matters. If

>> authors can't handle -- inside comments, and the browser chokes,

>> it is

>> most certainly not markdown's fault, and any change we make here to

>> original comments (at least of those i've seen) will be confusing and

>> non-reversible.

>

> This is how I'm leaning. Because Markdown won't fix other invalid

> XML constructs, either -- i.e. invalid XML constructs *outside*

> comments.

>

> So, anyone who wants to pass untrusted Markdown-generated XHTML

> through a validating XML parser is going to have to do their own

> sanity checking/cleanup pass anyway, and fixing "__" strings in

> comments will be the least of their potential problems.


I agree, and I'd tend to not fix comments either.

I'd just like to clarify two points however. First, there is a
distinction to be made between valid XML and well-formed XML. Invalid
XML will not choke the parser if it is well formed. An invalid id
attribute doesn't prevent the document from being well formed, but an
unescaped `<` within an attribute will.

Second point: I think the best argument supporting sanitizing
comments isn't XML, it's the disparities in HTML parsing introduced
while people were advocating about "fixing" the browsers (instead of
fixing the spec).

Just try this on my PHP Markdown Dingus using Firefox and you'll see
what I mean:

<!-- -- -->

If you look at Firefox's syntax-highlighted source code for the
result, you'll see that the comment continues until it encounter that
part of the syntax cheatsheet sidebar:

<pre><code>---

* * *

- - - -
</code></pre>

The first two adjacent hyphens closes the SGML comment, and the `>`
from `</code>` closes the SGML markup declaration. So markup start
again at `</pre>`. That's just insane! And Safari 2.0.2 does the same
as Firefox, although this was fixed back in later versions.

If you try it on John's Markdown dingus, things are a little
different because the doctype is transitional. Firefox just shows the
comment as plain text.

All this doesn't necessarily mean it should be Markdown's job to fix
comments, but it shows that ill-formed comments can cause big
problems in HTML too, because of disparities between browsers.


Michel Fortin
michel.fortin at michelf.com
http://www.michelf.com/




More information about the Markdown-Discuss mailing list