On Fri, Dec 20, 2013 at 8:16 PM, Florian Pflug <fgp@phlo.org> wrote:
> On Dec20, 2013, at 18:52 , Robert Haas <robertmhaas@gmail.com> wrote:
>> On Thu, Dec 19, 2013 at 6:40 PM, Florian Pflug <fgp@phlo.org> wrote:
>>> Solving this seems a bit messy, unfortunately. First, I think we need to have some XMLOPTION value which is a
supersetof all the others - otherwise, dump & restore won't work reliably. That means either allowing DTDs if XMLOPTION
isCONTENT, or inventing a third XMLOPTION, say ANY.
>>
>> Or we can just decide that it was a bug that this was ever allowed,
>> and if you upgrade to $FIXEDVERSION you'll need to sanitize your data.
>> This is roughly what we did with encoding checks.
>
> What exactly do you suggest we outlaw?
<!DOCTYPE> anywhere but at the beginning.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company