[JDEV] XML Requirements for Parsing Jabber Messages
Charles Miller
cmiller at pastiche.org
Sat Nov 2 23:18:52 CST 2002
Bernd Eckenfels propagated the following meme:
> On Sun, Nov 03, 2002 at 03:00:02PM +1100, Charles Miller wrote:
> > Thus if you're using an off-the-shelf XML parser, it's a good idea to
> > filter out things you're not expecting (such as DTD declarations) before
> > they hit the parser.
>
> Filter out before you parse XML? :)
Point taken.
Sometimes you're so deep in hacking something that you don't realise the
solution that's working for you isn't necessarily applicable to the general
population. :)
On the other hand, never underestimate the value of a lightweight crap-
filter as a defense against malformed or malicious input.
Charles Miller
--
Contributing to the Heat Death of the Universe since 1975.
http://fishbowl.pastiche.org -- -- The Weblog
More information about the JDev
mailing list