

K. Ari Krupnikov writes:

 > Would you report it as a (perhaps recoverable) error? Breaking
 > character data into multiple events would defy the purpose of this
 > filter (to relieve content handlers from the need to do that
 > themselves) and do nothing to solve the security issue.

Here's an easy attack -- send you a start tag, then just keep sending
random alphanumeric characters until your system chokes.  An arbitrary
limit -- even a very high one, like a few gigabytes -- would be useful.

 > > On the other hand, high fixed limits, like (say) 16K characters for
 > > element and attribute names, might help us avoid some problems in
 > > the future.
 > 
 > This sounds like a reasonable proposition to me. But would you also
 > impose a limit on character data? Entities? In the gigabytes
 > perhaps?

No, I don't think that would be necessary.  It all depends on the
APIs, of course, but I've never seen one that splits a name into
multiple chunks before passing it on to the application, hence the
worry.


All the best,


David

-- 
David Megginson, david@m..., http://www.megginson.com/
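The attack and the fixed-limit defence discussed above, as an added example that is not part of the original message or of SAX itself: a SAX filter (Python's xml.sax, standing in for the Java API the thread is about) that rejects element and attribute names over a fixed limit and caps the character data accumulated per element, no matter how many chunks the parser delivers it in. The 16K name limit is the figure from the thread; the 1 MiB text cap, the class and function names, and the constructed attack documents are assumptions made for this example.

```python
import io
import xml.sax
from xml.sax import SAXException
from xml.sax.handler import ContentHandler
from xml.sax.saxutils import XMLFilterBase

# Limits are assumptions for this example; 16K is the figure from the thread.
MAX_NAME_CHARS = 16 * 1024
MAX_TEXT_CHARS = 1024 * 1024


class LimitingFilter(XMLFilterBase):
    """SAX filter that rejects oversized names and runaway character data.

    Element and attribute names are checked as whole strings, since the
    parser hands them over in one piece.  Character data is summed per open
    element across every characters() call, so a long text run that expat
    splits into many chunks is still caught against the same limit.
    """

    def __init__(self, parent=None, max_name=MAX_NAME_CHARS, max_text=MAX_TEXT_CHARS):
        super().__init__(parent)
        self.max_name = max_name
        self.max_text = max_text
        self._text_len = []  # one running total per open element

    def _check_name(self, kind, name):
        if len(name) > self.max_name:
            raise SAXException(
                f"{kind} name of {len(name)} chars exceeds limit {self.max_name}")

    def startElement(self, name, attrs):
        self._check_name("element", name)
        for attr in attrs.getNames():
            self._check_name("attribute", attr)
            # Attribute values are unbounded too and arrive whole; cap them as text.
            if len(attrs.getValue(attr)) > self.max_text:
                raise SAXException(
                    f"attribute value exceeds text limit {self.max_text}")
        self._text_len.append(0)
        super().startElement(name, attrs)

    def endElement(self, name):
        if self._text_len:
            self._text_len.pop()
        super().endElement(name)

    def characters(self, content):
        if self._text_len:
            self._text_len[-1] += len(content)
            if self._text_len[-1] > self.max_text:
                raise SAXException(
                    f"character data exceeds limit {self.max_text} in one element")
        super().characters(content)


class NameCollector(ContentHandler):
    """Downstream handler: records which element names actually got through."""

    def __init__(self):
        super().__init__()
        self.names = []

    def startElement(self, name, attrs):
        self.names.append(name)


def scan(doc, max_name=MAX_NAME_CHARS, max_text=MAX_TEXT_CHARS):
    """Parse doc (bytes) through the filter.

    Returns (accepted, reason, names_seen_by_the_application).
    """
    reader = xml.sax.make_parser()
    flt = LimitingFilter(reader, max_name=max_name, max_text=max_text)
    sink = NameCollector()
    flt.setContentHandler(sink)
    try:
        flt.parse(io.BytesIO(doc))
    except SAXException as exc:
        return False, exc.getMessage(), sink.names
    return True, None, sink.names


def long_name_doc(n):
    """Constructed attack input: a start tag whose name runs to n characters."""
    return b"<root><" + b"a" * n + b"/></root>"


def long_text_doc(n):
    """Constructed attack input: one element holding n characters of text."""
    return b"<root>" + b"x" * n + b"</root>"


if __name__ == "__main__":
    print(scan(long_name_doc(100))[0], scan(long_name_doc(20_000))[0])
    print(scan(long_text_doc(1_000), max_text=64 * 1024)[0],
          scan(long_text_doc(100_000), max_text=64 * 1024)[0])
```

Note what the filter can and cannot do: the name check only fires once the parser has read the whole name and passed it on, so a peer that sends a start tag and then never stops sending alphanumerics still makes the parser itself buffer without bound, which is exactly the concern raised above. The filter bounds what reaches the application; the parser or the transport has to bound the input.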
