diff options
| author | John MacFarlane <jgm@berkeley.edu> | 2015-06-04 10:50:22 +0200 |
|---|---|---|
| committer | John MacFarlane <jgm@berkeley.edu> | 2015-06-04 10:50:22 +0200 |
| commit | 02ca8128dea803ac03455e793ee4f33aad89ab58 (patch) | |
| tree | 9d9e8c3b93fef590b67176b19d16e98866ffa6d0 /spec.txt | |
| parent | 4edf470184bb3220f99d8cdd38597d069cf525ca (diff) | |
Require replacement of U+0000. Closes #327.
Previously we said that NULL must be replaced or stripped,
but this was too vague, and stripping might be a security
risk in itself.
Diffstat (limited to 'spec.txt')
| -rw-r--r-- | spec.txt | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -215,9 +215,6 @@ followed by a [line ending] or by the end of file. A [line ending](@line-ending) is a newline (`U+000A`), carriage return (`U+000D`), or carriage return + newline. -For security reasons, a conforming parser must strip or replace the -Unicode character `U+0000`. - A line containing no characters, or a line containing only spaces (`U+0020`) or tabs (`U+0009`), is called a [blank line](@blank-line). @@ -269,6 +266,11 @@ Tabs in lines are expanded to spaces, with a tab stop of 4 characters: </code></pre> . +## Insecure characters + +For security reasons, the Unicode character `U+0000` must be replaced +with the replacement character (`U+FFFD`). + # Blocks and inlines We can think of a document as a sequence of |