[xmlsec] non us-ascii filenames in user locale

Roumen Petrov xmlsec at roumenpetrov.info
Tue Jun 22 01:05:50 PDT 2004

Daniel Veillard wrote:

>On Mon, Jun 21, 2004 at 03:21:09PM +0300, Roumen Petrov wrote:
>>I don't think that xmlsec should depend and use directly iconv. I think 
>>than xmlsec should ensure reference url in UTF-8 and escaped only. Rest 
>>of this migth should do libxml.
>>What is your opinion ?
>  My opinion is that making a library change its behaviour based on 
>user locale is a serious error. It makes support and debug horrible.
>I have tried very hard to avoid this mistake in libxml2 and libxslt,
>I don't see why this should be done for xmlsec.
Agreed, application must deal with locales.

Current xmlsec don't allow me to replace file IO from an application.
Might I should precess xml file and adjust URI before to call xmlsec 
methods ?

> Filename are not
>a reason to do so in my opinion, you get a string of bytes, you
>use it for OS operations, those OS operations are not dependant on the
Sound good, but ...
Please see "XML-Signature Syntax and Processing "->" The URI 
Attribute": URI should be in "UTF-8" and escaped.

>you don't care what the encoding of those bytes are for those
>operations. The worse case is if you need to take that string to expose
>it later (as an URI-Reference for example), then you're in trouble
>and heuristics might be needed, but not based on locales...
In case of http/ftp URI responsible to translate "absolute path" part of 
URI to filename is HTTP/FTP server.

I'm in trouble with non us-ascii filenames in case of file URI.
Definitely customers never will change habit to use filenames in their 
native language.
Filename "modèle.txt" is created in user locale and name is not unicode 
In Reference "URI  attribute" is in UTF-8, i.e. unicode string.

Did you have idea how to solve problem ?

Did you now method from libxml or xmlsec that can help me to found 
non-unicode charset for a string in unicode ?
This method shouldn't depend from user locale.



More information about the xmlsec mailing list