XML, the eXtensible Markup Language
The Standard General Markup Language is about two decades old. SGML was originally designed for processing large documentation sets, but SGML is neither a programming language nor a text formatting language. Instead, it's a meta-language that allows defining of customized markup languages. The most famous SGML-based language today is unquestionably HTML.
Because SGML has been around for two decades, many companies offer SGML tools and products and it's firmly entrenched in many high-end document-processing applications. SGML is quite a large language; however, understanding the basics isn't very difficult. It does contain many rarely used features which are harder to understand. Implementing a full SGML parser is difficult, and this has given SGML a reputation for fearsome complexity. This reputation isn't truly deserved, but it's been enough to scare many people away from using it.
XML, then, is a stripped-down version of SGML that sacrifices some power in return for easier understanding and implementation. It's still a meta-language, but many of SGML's lesser-used features and options have been dropped. The XML 1.0 specification is about 40 pages long, and a parser can be implemented with a few weeks of effort.
A mark-up language specified using XML looks a lot like HTML:
<?xml version="1.0"?> <!DOCTYPE myth SYSTEM "myth.dtd"> <myth> <name lang="latin">Hercules</name> <name lang="greek">Herakles</name> <description>Son of Zeus and Alcmena.</description> <mortal/> </myth>
An XML document consists of a single element containing sub-elements which can have further sub-elements inside them. Elements are indicated by tags in the text, consisting of text within angle brackets <...>. Two forms of elements are available. An element may contain content between opening and closing tags, as in <name>Hercules</name>, which is a name element containing the data Hercules. This content may be text data, other XML elements or a mixture of the two. Elements can also be empty, in which case they're represented as a single tag ending with a slash, as in <mortal/>, which is an empty stop element. This is different from HTML, where empty elements such as <BR> or <IMG> aren't indicated differently from a non-empty element such as <H1>. Also unlike HTML, XML element names are case-sensitive; mortal and Mortal are two different element types.
Opening and empty tags can also contain attributes, which specify values associated with an element. For example, text such as <name lang="greek">Herakles</name>, the name element has a lang attribute with a value of “greek”. In <name lang="latin">Hercules</name>, the attribute's value is “latin”. Another difference from HTML is that quotation marks around an attribute's value are not optional.
The rules for a given XML application are specified with a Document Type Definition (DTD). The DTD carefully lists the allowed element names and how elements can be nested inside each other. The DTD also specifies the attributes which can be defined for each element, their default values, and whether they can be omitted. For example, to make a comparison with HTML, the LI element, representing an entry in a list, can occur only inside certain elements which represent lists, such as OL or UL.
The document-type definition is specified in the DOCTYPE declaration; the above document uses a DTD called “mythology” that I invented for this article. The “mythology” DTD might contain the following declarations:
<!ELEMENT myth (name+, description, mortal?)> <!ELEMENT name (#PCDATA)> <!ATTLIST name lang ( latin | greek ) "latin"> <!ELEMENT description (#PCDATA)> <!ELEMENT mortal EMPTY>
I won't go into every detail of these lines, however, lines beginning with <!ELEMENT are element declarations. They declare the element's name and what it can contain. So, the myth element must contain one or more name elements, followed by a single description element, followed by an optional mortal element. (+, * and ? have the same meanings as in regular expressions: one or more, zero or more, and zero or one occurrence.) The mortal tag, on the other hand, must always be empty.
The third line declares the name element to have an attribute named lang; this attribute can have either of the two values “latin” or “greek” and defaults to “latin” if it's not specified.
A validating parser can be given a DTD and a document in order to verify that a given document is valid, i.e., it follows all the DTD's rules. This is quite different from HTML, since web browsers have historically had very forgiving parsers, and so relatively few people make any effort to write valid HTML. This looseness means that code to render HTML text is full of hacks and special cases; hopefully, XML won't fall into the same trap of leniency.
This article doesn't cover all of XML's features—I haven't discussed all the possible attribute types, what entities are or that XML uses Unicode, which enables XML processors to handle data written in practically any alphabet. For the full details of XML's syntax, the one definitive source is the XML 1.0 specification, available on the Web at the World Wide Web Consortium's XML page (see Resources). However, like all specifications, it's quite formal and not intended to be a friendly introduction or a tutorial. Gentler introductions are beginning to appear on the Web and on bookstore shelves.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide