On Wed, Dec 21, 2005 at 10:24:09PM -0800, [EMAIL PROTECTED] wrote:
> C14N specification require absolute namespace URIs. Probably it is better
> to do the check for known URI schemes (e.g. "http", "https", "ftp", "file")
> instead of exluding few ("urn", "dav", "rrn") though it goes against usual
> security practice to (exclude what you know is good vs. catch what you
> know is bad).Hum, absolute means non-relative ? If yes then the simple fact that there is a scheme after parsing the URI-Reference implies it is not relative I think. Maybe the right patch it to parse the URI with xmlParseURI and check if a scheme was found, if yes then it should be absolute. But I don't know the c14n spec and maybe I misunderstood the actual requirement. > Unfortunately, I am on vacation and will not be able to make this change till > January. You can either wait or create a patch yourself and send it to this > mailing list. If you can confirm the problem and the solution, I could make the fix I guess. Enjoy your vacations :-) Daniel -- Daniel Veillard | Red Hat http://redhat.com/ [EMAIL PROTECTED] | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ _______________________________________________ xml mailing list, project page http://xmlsoft.org/ [email protected] http://mail.gnome.org/mailman/listinfo/xml
