[jdev] DOM vulnerability/feature

Sebastiaan Deckers cbas at pandion.im
Sun Feb 7 05:45:49 CST 2010 

This DOM quirk could be of interest to any XMPP developers using
Libxml or MSXML (before 6.0) where resolveExternals is true by
default.

http://pastebin.com/f72bf5426

Remember kids, always set resolveExternals to false before parsing a DOM.

Sebastiaan

More information about the JDev mailing list