On 2017/10/14, Jonas Wielicki wrote: > PART A > > Okay, there has been some discussion in xsf@ yesterday which changed my mind > a > little. The key point which convinced me was that Dave brought up the concept > of protocol breaks, and implied that a protocol break [1] is the only way to > prevent this kind of injection attacks [*]. > > Now this makes a lot of sense, and I can see that this trumps the elegance of > > leveraging that we can embed XHTML semantics into the XML stream directly. So > I’m now on the position that XHTML-IM is harmful (I’ve been there before, > which is why I proposed fixes) *and* that we indeed might want to move to a > different type of markup as intermediate representation of the protocol break.
I can definitely see the benefit in this, but I see this mostly as an implementation detail. Having XML->NotXML and not XML->XML would make it a bit more obvious, but one cannot get rid of validation. I would like to reiterate that not validating/filtering XML, particularly in web clients, will lead to vulnerabilities, and so this is a much bigger issue, and not specific to XHTML-IM. -- Maxime “pep” Buquet
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
