XML Editor - Download a Free Trial >
See What's New >
Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

  • From: Stephen D Green <stephengreenubl@g...>
  • To: "Simon St.Laurent" <simonstl@s...>
  • Date: Mon, 15 Apr 2013 14:25:13 +0100
On 15 April 2013 14:07, Simon St.Laurent <simonstl@s...> wrote:
...

All of the features Roger describes are commonly available in XML tool
chains.  They can be locked out with minimalist processing approaches or
to some extent with the parser generator approach Roger asked about
earlier.  

 

Perhaps a good example of the minimalistic approach to dealing with (alleged) security issues in XML is MicroXML. To quote the latest MicroXML (draft) spec [1]:
 
"... the features of XML that are most problematic from a security perspective have been eliminated from MicroXML: most importantly, MicroXML completely eliminates document type declarations, including entity declarations..."
 
[1] Section #1, Paragraph #6,  https://dvcs.w3.org/hg/microxml/raw-file/tip/spec/microxml.html

Best regards
 
Stephen D Green
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

XML Editor - Download a 15 Day Free Trial Now >
See What's New in Stylus Studio >
Buy Stylus Studio - XML Editor - Now >
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member