Re: XInclude: security risk 1

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: xml-dev@l...
Subject: Re: XInclude: security risk 1
From: Richard Tobin <richard@c...>
Date: Mon, 28 Oct 2002 19:28:36 GMT
Cc:
In-reply-to: <p04330107b9e329aa7fe2@[192.168.254.4]>
Organization: HCRC, University of Edinburgh

>It is somewhat (though far 
>from completely) mitigated by the fact that the document() function 
>can only point to well-formed XML documents so it can't steal 
>absolutely any file or URL.

You could combine it with an entity reference: use document() to refer
to an external document that has a file: entity reference.  Then any
plain text without less-thans or ampersands will be well-formed.

I'm sure that current browsers must already prevent this, probably by
disallowing file: references from non-trusted documents.

-- Richard

References:
- Re: XInclude: security risk 1
  - From: Elliotte Rusty Harold <elharo@m...>

Prev by Date: RE: Namespaces - a couple nits and questions
Next by Date: Re: Note from the Troll
Previous by thread: Re: XInclude: security risk 1
Next by thread: Re: XInclude: security risk 1
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >