[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Malicious documents? (WAS: Interesting mailing list & a ra
Miles Sabin wrote: > The more worrying cases are documents which don't have any such intended > semantics (ie. just dumb data), but get them willy nilly thanks to the > implicit retrieval semantics of validation. Worse yet, this isn't limited to validation. A parser is free to read an external DTD (to get attribute defaults and entity values) even when it isn't validating. I haven't looked at any of the parsers I've used closely enough, but it would surprise me if any had a way to turn this completely off. -- Ron
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|