Re: Malicious documents? (WAS: Interesting mailing list & a ra
Bill de hÓra wrote, > The notion of treating XML as active content is fascinating (and a > bit scary). I wonder if you could set up a for loop for a DOS via > an XSLT sheet? An XSLT stylesheet has intended programmatic semantics (it's code, for all that it's sprinkled with angle brackets and declarative rather than imperative), so pretty clearly, IMO, it has to be treated as active content. A comparisons with PostScript might be in order here, and it's not news that untrusted PostScript documents can be dangerous. The more worrying cases are documents which don't have any such intended semantics (ie. just dumb data), but get them willy nilly thanks to the implicit retrieval semantics of validation. My guess is that many, many, developers will assume that such things are just as safe as text/plain is typically taken to be, without anticipating the effects of validation. This is likely to be particularly so in server as opposed to client applications: that a server designed to only _consume_ incoming documents might be tricked into making outgoing requests to arbitrary hosts is probably completely unexpected. Cheers, Miles
PURCHASE STYLUS STUDIO ONLINE TODAY!
Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!
Download The World's Best XML IDE!
Accelerate XML development with our award-winning XML IDE - Download a free trial today!
Subscribe in XML format