[
Lists Home |
Date Index |
Thread Index
]
Ronald Bourret wrote
> Worse yet, this isn't limited to validation. A parser is free to read an
> external DTD (to get attribute defaults and entity values) even when it
> isn't validating. I haven't looked at any of the parsers I've used
> closely enough, but it would surprise me if any had a way to turn this
> completely off.
>
Hi Ron, prepare to be pleasantly surprised. There is a standard feature in
SAX called "http://xml.org/sax/features/external-parameter-entities", which
prevents the parser from reading any external entities - including the
external DTD subset.
Not all SAX parsers support this feature, but many do (ours included).
Regards
~Rob
--
Rob Lugt
ElCel Technology
http://www.elcel.com/
|