Would be great if you could further diagnose where the problem is here! On 2025/08/22 20:41:59 Joseph Kessselman wrote: > When I replaced the URI in the DTD External Entity reference with a > legitimate one (pointing to a stub server on my own machine), I did get > complaints about HTML protocol not being correct ... so apparently this is at > least trying to open the URI. > > If it's actually reading the entity, that could be the basis for a DOS > attack, if nothing else. > > We *should* be running with the secure flag set. I can try debuggerizing to > confirm. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
