cvs commit: ports/security/vuxml vuln.xml
Doug Barton
dougb at FreeBSD.org
Fri Jun 1 10:16:16 UTC 2012
On 06/01/2012 02:55, Simon L. B. Nielsen wrote:
> On Fri, Jun 1, 2012 at 2:02 AM, Doug Barton <dougb at freebsd.org> wrote:
>>> On Thu, 31 May 2012, Doug Barton wrote:
>>>
>>>> On 05/31/2012 09:28 AM, Warren Block wrote:
>>>>> Sorry, I missed the original post and am not quite sure what is being
>>>>> checked. At present, igor doesn't know XML at all. My hope is that
>>>>> some existing XML validator can be used to check tagging and indentation
>>>>> of DocBook XML, and igor can just check for documentation-specific
>>>>> problems.
>>>>
>>>> xmllint does a pretty good job of validation. Not sure how much it helps
>>>> with indentation, but it's a good place to start.
>>
>> To amplify that slightly, since "The Fine Manual" leaves something to be
>> desired ...
>>
>> xmllint --noout --dtdvalid http://www.vuxml.org/dtd/vuxml-1/vuxml-11.dtd
>> vuln.xml
>>
>> is what you want to validate that the file matches the DTD (the current
>> version passes). There is no way to use xmllint to "validate the
>> whitespace," but you could theoretically use the --format option as part
>> of 'make validate'. Note, that would require a one-time commit to change
>> the current format into what --format outputs, since they are pretty
>> dramatically different.
>
> Just a note, DTD check is unfortunately rather far from validating
> that VuXML entries are valid...
Right ... the question I was responding to was, "How can we confirm that
the XML is right?" which is a different question altogether. The wacky
default whitespace conventions that we have for that file could be
"fixed" (where that really means standardized on a differently wacky
schema) by the --format option of xmllint. That would take the "human
error" element out of the whitespace issue altogether, and avoid the
need to validate it since it would always be standard.
Validating against the DTD is probably also a good step to add, since if
it doesn't at least pass that test, further attempts to validate the
entries themselves are probably fruitless.
IOW, adding xmllint to the mix will probably do more good than harm,
although we need to be careful that we understand what it is, and isn't
doing for us.
Doug
--
This .signature sanitized for your protection
More information about the freebsd-doc
mailing list