At 6:42 PM -0500 1/27/03, [EMAIL PROTECTED] wrote:
Finally, Xerces-J now provides means by which applications can force the parser to reject certain kinds of documents whose processing could result in a denial-of-service attack.
How is this accomplished? Simply by rejecting documents that contain a document type declaration? That seems unnecessarily harsh to me? Is there any more fine-grained control over this?
--
+-----------------------+------------------------+-------------------+
| Elliotte Rusty Harold | [EMAIL PROTECTED] | Writer/Programmer |
+-----------------------+------------------------+-------------------+
| Processing XML with Java (Addison-Wesley, 2002) |
| http://www.cafeconleche.org/books/xmljava |
| http://www.amazon.com/exec/obidos/ISBN%3D0201771861/cafeaulaitA |
+----------------------------------+---------------------------------+
| Read Cafe au Lait for Java News: http://www.cafeaulait.org/ |
| Read Cafe con Leche for XML News: http://www.cafeconleche.org/ |
+----------------------------------+---------------------------------+
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
