[
Lists Home |
Date Index |
Thread Index
]
Miles Sabin wrote:
> This is likely to be particularly so in server as opposed to client
> applications: that a server designed to only _consume_ incoming
> documents might be tricked into making outgoing requests to arbitrary
> hosts is probably completely unexpected.
Yes, that's a fascinating and frightening perspective, but isn't it the
case also with any HTML document which can instruct a browser to do many
outgoing requests to fetch images, stylesheets, scripts and other objects?
Eric (who will have to be more carefull when he compares schema
languages to firewalls)
--
See you in San Diego.
http://conferences.oreillynet.com/os2002/
------------------------------------------------------------------------
Eric van der Vlist http://xmlfr.org http://dyomedea.com
http://xsltunit.org http://4xt.org http://examplotron.org
------------------------------------------------------------------------
|