OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Malicious documents? (WAS: Interesting mailing list& a rar

[ Lists Home | Date Index | Thread Index ]

Miles Sabin wrote:

> This is likely to be particularly so in server as opposed to client 
> applications: that a server designed to only _consume_ incoming 
> documents might be tricked into making outgoing requests to arbitrary 
> hosts is probably completely unexpected.

Yes, that's a fascinating and frightening perspective, but isn't it the 
case also with any HTML document which can instruct a browser to do many 
outgoing requests to fetch images, stylesheets, scripts and other objects?

Eric (who will have to be more carefull when he compares schema 
languages to firewalls)

See you in San Diego.
Eric van der Vlist       http://xmlfr.org            http://dyomedea.com
http://xsltunit.org      http://4xt.org           http://examplotron.org


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS