OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] Namespace prefixes are a security risk

Maybe I'm missing something ...

> And the prefix can be anything, e.g.,
>     <attackNOW:book xmlns:attackNOW="http://www.book.org";>

But this just seems to be a badly chosen prefix.

> Not so innocent-looking anymore, is it?

It looks a bit silly, just like the following in C or Java:

  int attackNOW = 0;

Michael Ludwig

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS