• To: Jeff Rafter <jeffrafter@d...>
• Subject: Re: XPointer and XML Schema
• From: Rich Salz <rsalz@d...>
• Date: Mon, 15 Jul 2002 23:03:39 -0400 (EDT)
• Cc: <xml-dev@l...>
• In-reply-to: <00cc01c22c6e$c8909b20$32f5d90c@c1980223a>

> >    3. Make the schemalocation hint manditory to provide, and manditory to
> > dereference for Schema-Loading, WRT XPointer.
> 
> This option really scares me!

Me too, but for security reasons.  Mandatory to deref means that I as the 
client can force a server to go open a file of my choosing. That's scary. 
Suppose I send the server schemaLocation="file:///etc/passwd" -- I could 
probably guess some account names from the helpful fault information that 
comes back.
	/r$

• References:
  • Re: XPointer and XML Schema
    • From: "Jeff Rafter" <jeffrafter@d...>

• Prev by Date: Re: The general XML processing problem
• Next by Date: About SAX Filters
• Previous by thread: Re: XPointer and XML Schema
• Next by thread: Re: XPointer and XML Schema
• Index(es):
  • Date
  • Thread