Remote resources allowed by epubcheck if declared

[dauwhe]

I was able to create a valid EPUB (attached with .zip extension) containing an iframe with embedded YouTube video by simply declaring the remote resource as a manifest item. This appears to violate 3.0.1 and 3.2

All Publication Resources must be located in the EPUB Container, with the following exceptions:

• Audio resources may be located in the Container or remotely.
• Video resources may be located in the Container or remotely.
• Descriptions referenced from the aria-describedat [ContentDocs301] attribute may be located in the Container or remotely.

This is a useful trick, at least :)

epub-30-iframe.zip

[mattgarrish]

You can omit the fallback and epubcheck merrily validates the content anyway. Seems like a significant flaw in the current version of epubcheck more than a hack, as it doesn't seem to matter where resources are located or whether they're CMT or not so long as you put them in an iframe.

Where did that come from?

[dauwhe]

Remove the fallback stuff (but labeling the content doc as having a remote resource) and I get

ERROR(RSC-006): ..epub/OPS/content_001.xhtml(8,45): Remote resource reference not allowed; resource must be placed in the OCF.

Pretend everything is normal and I get

ERROR(OPF-014): ..epub/OPS/content_001.xhtml(-1,-1): The property 'remote-resources' should be declared in the OPF file.
ERROR(RSC-006): ..epub/OPS/content_001.xhtml(8,45): Remote resource reference not allowed; resource must be placed in the OCF.

[mattgarrish]

If I strip the fallback attribute from the manifest item and leave everything else as is, I get:

PS > java -jar C:\epubcheck\epubcheck.jar .\epub-30-iframe.epub
Validating using EPUB version 3.0.1 rules.
No errors or warnings detected.
epubcheck completed

[mattgarrish]

And confirming I'm on 4.0.2.

[dauwhe]

And confirming I'm on 4.0.2.

me too. Weird :)

Here's my epub with the remote resource in iframe, but nothing special in OPF:

epub-30-iframe-nofallback.zip

Validating using EPUB version 3.0.1 rules.
ERROR(OPF-014): ..epub/OPS/content_001.xhtml(-1,-1): The property 'remote-resources' should be declared in the OPF file.
ERROR(RSC-006): ..epub/OPS/content_001.xhtml(8,45): Remote resource reference not allowed; resource must be placed in the OCF.

Check finished with errors

[mattgarrish]

Ya, it seems if you're honest that the resource is remote by listing it in the manifest, then epubcheck gives you a pass, no matter what it is.

(And for the record, I'm not against using fallbacks for iframe, but I'd rather we made it legal in the spec. The thing with making it a video exception is you wouldn't technically need a fallback, as they're exempt, but it would get messy if we did expand what you can reference.)

[dauwhe]

Ah, yes

<item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
<item id="content_iframe"  href="https://www.youtube.com/embed/qlMuzbjMASo" media-type="text/html"/>

Validates.

[mattgarrish]

Yup, and that's a pretty big bug to me.

Getting away with it using a fallback would be one thing, but this means any media type can go into an epub without a fallback so long as it's referenced from an iframe. You can even put a foreign resource into the container and it will validate without a fallback so long as it's referenced from an iframe.

[hussnainsheikh]

Facing the same error, using EPUBCheck v4.2.6.
How to allow remote resource URL?

[gcyrillus]

I have a similar error (EpubCheck v4.2.6 run from pagina epub-checker validation for epub 3.2 rules ) I got into epub's things a few weeks ago and I'm probably misunderstanding too many things yet.

I have external link <a href="somewhere on the internet"> to a flickr https + ://www.flickr.com/photos/xxxx and a few other links to githubs main.zip files . I have the OPF-014 error for each files containing an external link , then comes the RSC-006 error for each external links found.

I'm confused, these are external links in no way meant to be a ressource , to be used/shown inside the epub (no iframe nor object nor audio or video tags involved, not even a tricky js) .

From https://github.com/IDPF/epub3-samples/tree/main/30/accessible_epub_3 , there is also external links, but no error message, i do not see how that external link inside ch01s02.xhtml file for instance is not raising an error . The only difference i found was a target attribute being there, would that be it and how? . Did I miss something ?

Did I also missed a forum to discuss and get help about epub specification and validation ?
I also discovered that details was not allowed inside an li child of an <nav epub:type="toc"> but did not find any similar subject discussion
If that comment is out of place, please excuse me and feel free to remove it.

[mattgarrish]

I'm confused, these are external links in no way meant to be a ressource

Can you post a minimal epub the exhibits the problem? I've tried a variety of tests and can't reproduce the errors you're seeing.

If it's in all your files, the only thing I would suggest is to check that the error isn't coming from the header, like from a remote font declaration.

I also discovered that details was not allowed inside an li child of an <nav epub:type="toc"> but did not find any similar subject discussion

Yes, the content model of the nav elements in the navigation document is intentionally restricted to simplify their processing by reading systems. You can read the requirements here: https://www.w3.org/TR/epub-33/#sec-nav-def-model

[hussnainsheikh]

I'm confused, these are external links in no way meant to be a resource

Can you post a minimal epub the exhibits the problem? I've tried a variety of tests and can't reproduce the errors you're seeing.

If it's in all your files, the only thing I would suggest is to check that the error isn't coming from the header, like from a remote font declaration.

I also discovered that details were not allowed inside a li child of an <nav epub:type="toc"> but did not find any similar subject discussion

Yes, the content model of the nav elements in the navigation document is intentionally restricted to simplify their processing by reading systems. You can read the requirements here: https://www.w3.org/TR/epub-33/#sec-nav-def-model

I have used the image src as an URL src="https://domain.com/url-to-image.jpg" and it gives me an error. Can we allow the remote resource? Is it possible? Thank you!

[gcyrillus]

Oups, i just find out that i did not properly cleaned the source i was using, there where external <links rel="stylesheet" ... supposed to be removed but it was duplicated instead. It stands now all clear to me, there was nothing wrong but me. Regards

[hussnainsheikh]

Oups, I just find out that I did not properly clean the source I was using, there was external <links rel="stylesheet" ... supposed to be removed but it was duplicated instead. It stands now all clear to me, there was nothing wrong but me. Regards

Can you help me to resolve my issue? Thank you!

[mattgarrish]

Can we allow the remote resource? Is it possible?

Going by the image you posted, it looks like you're exporting an EPUB 2 file, in which case no resources are allowed outside the container. That's never going to change as EPUB 2 is more than a decade old now and not being updated anymore.

With EPUB 3, exceptions were carved out to allow some large data files to be hosted externally (audio, video, fonts and data sets), but still not images. See https://www.w3.org/TR/epub-33/#sec-resource-locations

Allowing other resources to be hosted outside the container was discussed recently (mainly html for embedding videos), but it's not likely changing in the EPUB 3.3 revision as we're near to moving it to a candidate recommendation in W3C.

Your only option is to embed the images, at least if you want to ensure the file is accepted by vendors and will render reliably.