Bernd Eckenfels propagated the following meme: > On Sun, Nov 03, 2002 at 03:00:02PM +1100, Charles Miller wrote: > > Thus if you're using an off-the-shelf XML parser, it's a good idea to > > filter out things you're not expecting (such as DTD declarations) before > > they hit the parser. > > Filter out before you parse XML? :)
Point taken. Sometimes you're so deep in hacking something that you don't realise the solution that's working for you isn't necessarily applicable to the general population. :) On the other hand, never underestimate the value of a lightweight crap- filter as a defense against malformed or malicious input. Charles Miller -- Contributing to the Heat Death of the Universe since 1975. http://fishbowl.pastiche.org -- -- The Weblog _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
