OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] XInclude: security risk 1

[ Lists Home | Date Index | Thread Index ]

Simon St.Laurent wrote,
> It reminds me a bit of the issues that David Megginson raised back at
> XTech 2000:
> http://www.xml.com/pub/a/2000/02/xtech/megginson.html
> I can't find David's original slides,

You mean these?


There's also this thread of DMs on traffic analysis, 


which is related. And a little while ago I suggested this,


which does similar firewall penetration tricks as ERHs example, only 
without XInclude, just a parser which retrieves external entities.




News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS