[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: Excellent IETF BCP on XML
"XML mechanisms that follow external references (External References) may also expose an implementation to various threats by causing the implementation to access external resources automatically. It is important to disallow arbitrary access to such external references within XML data from untrusted sources. Many XML grammars define constructs using URIs for external references; in such cases, the same precautions must be taken. " Hmm. So namespacesCumURLs are a security problem? len From: Tim Bray [mailto:tbray@t...] This thing has been under development for months and I think it is an *excellent* piece of work - I would probably echo pretty well every word and just not in the IETF context. The canonical version is at http://www.imc.org/ietf-xml-use/xml-guidelines-07.txt, but there's also a nice human-readable HTML version at http://www.imc.org/ietf-xml-use/xml-guidelines-07.html
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|