[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: Parser Behaviour (serious)

• From: "Clark C. Evans" <cce@c...>
• To: Simon Wilson <Simon.Wilson@c...>
• Date: Mon, 3 Apr 2000 11:53:23 -0400 (EDT)

On Mon, 3 Apr 2000, Simon Wilson wrote:
> Imagine if all those XML-based B2B systems out there referenced external
> entities on external web-sites. Hack the site, change or remove the DTD/schema
> and a lot of companies are losing a lot of money.
> 
> As a result, I think you'll find that most people with their wits about them
> will be taking a copy of standardized DTDs and referencing that instead in order
> to prevent such things from happening.

This is actually deeper.  What happens if 3 organizations
agree on a given DTD.  They all refer to that DTD, having
it hosted by one of the companies.  And then the hosting
company makes a slight 'clarifying' change... which happens
to cause validation of particular documents which were
considered invalid by one organization to succeed.

I think it is rather "essential" to be able to 'ovverride' 
the DTD used as a command line option; pointing it to
a local version of the DTD.

Clark




***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@x...&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************

• References:
  • Re: Parser Behaviour (serious)
    • From: "Simon Wilson" <Simon.Wilson@c...>

• Prev by Date: RE: Parser Behaviour (serious)
• Next by Date: Re: Parser Behaviour (serious)
• Previous by thread: Re: Parser Behaviour (serious)
• Next by thread: Re: Parser Behaviour (serious)
• Index(es):
  • Date
  • Thread