[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Excellent IETF BCP on XML
Bullard, Claude L (Len) wrote: > "XML mechanisms that follow external references (External References) may also > expose an implementation to various threats by causing the implementation to > access external resources automatically. > Hmm. So namespacesCumURLs are a security problem? No, a namespace URI is an identifier, and therefore need not be followed. The document (which is excellent) is talking about, you know, external ENTITY things. I believe this security issue is one reason why SOAP disallows DTD's. /r$
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|