OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Malicious documents? (WAS: Interesting mailing list& a rar

[ Lists Home | Date Index | Thread Index ]

Miles Sabin wrote:

> This is likely to be particularly so in server as opposed to client 
> applications: that a server designed to only _consume_ incoming 
> documents might be tricked into making outgoing requests to arbitrary 
> hosts is probably completely unexpected.

Yes, that's a fascinating and frightening perspective, but isn't it the 
case also with any HTML document which can instruct a browser to do many 
outgoing requests to fetch images, stylesheets, scripts and other objects?

Eric (who will have to be more carefull when he compares schema 
languages to firewalls)

-- 
See you in San Diego.
                                http://conferences.oreillynet.com/os2002/
------------------------------------------------------------------------
Eric van der Vlist       http://xmlfr.org            http://dyomedea.com
http://xsltunit.org      http://4xt.org           http://examplotron.org
------------------------------------------------------------------------





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS