Henri Sivonen
Henri Sivonen
> It is my understanding that the reason is to prevent XSS attacks. Consider "
[Another bug reported about Gecko conforming to the spec.](https://bugzilla.mozilla.org/show_bug.cgi?id=1506049)
I still have trouble seeing the value of generating an error when an escape is followed by another escape when we don't generate errors for the other two cases I...
I noticed that [Unicode Security Considerations](https://www.unicode.org/reports/tr36/#Some_Output_For_All_Input) say that what the Encoding Standard requires for ISO-2022-JP should be done. If we reopen this, we should ask Mark Davis and Michel Suignard...
Regarding the previous Gecko bug from a week ago, the reporter provides more info in a [Thunderbird bug](https://bugzilla.mozilla.org/show_bug.cgi?id=1508136).
> It'd be good to know what other implementations do at this point Edge and IE don't generate a REPLACEMENT CHARACTER. Firefox, Chrome and Safari do. (With the caveat that...
[I posted the question to the Unicode mailing list.](https://www.unicode.org/mail-arch/unicode-ml/y2018-m11/0106.html)
> Is there progress on the mailing list? No. I pinged the mailing list again.
To address Mark Davis' [request for formal feedback](https://www.unicode.org/mail-arch/unicode-ml/y2018-m12/0006.html) I started writing something. While doing so, I came up with this: --- Generate U+FFFD if: * A state transition was made...
I'm thinking of submitting a [suggestion to go for non-committal middle ground for now](https://hsivonen.fi/unicode-feedback/empty-iso-2022-jp-draft.pdf). Thoughts?