Re: [xml-dev] XPointer and XML Schema :: ASPN Mail Archive

Recent Messages
List Archives
About the List
List Leaders
Subscription Options

View Subscriptions
Help

View by Topic
ActiveState
.NET Framework
Open Source
Perl
PHP
Python
Tcl
Web Services
XML & XSLT

View by Category
Database
General
SOAP
System Administration
Tools
User Interfaces
Web Programming
XML Programming

MyASPN >> Mail Archive >> xml-dev

xml-dev

Re: [xml-dev] XPointer and XML Schema
by Rich Salz other posts by this author
Jul 16 2002 3:03AM messages near this date

[xml-dev] About SAX Filters | Re: [xml-dev] The general XML processing problem

>  >    3. Make the schemalocation hint manditory to provide, and manditory to
>  > dereference for Schema-Loading, WRT XPointer.
>  
>  This option really scares me!

Me too, but for security reasons.  Mandatory to deref means that I as the 
client can force a server to go open a file of my choosing. That's scary. 
Suppose I send the server schemaLocation="file:///etc/passwd" -- I could 
probably guess some account names from the helpful fault information that 
comes back.
	/r$



-----------------------------------------------------------------
The xml-dev list is sponsored by XML.org <http://www.xml.org> , an
initiative of OASIS <http://www.oasis-open.org> 

The list archives are at http://lists.xml.org/archives/xml-dev/

To subscribe or unsubscribe from this list use the subscription
manager: <http://lists.xml.org/ob/adm.pl>