[prev in list] [next in list] [prev in thread] [next in thread]
List: mod-security-users
Subject: [mod-security-users] XML parse security
From: Marc Stern <marc.stern () approach ! be>
Date: 2014-08-01 12:07:50
Message-ID: 53DB8316.6070000 () approach ! be
[Download RAW message or body]
[Attachment #2 (text/html)]
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Calibri">To be <font face="Calibri">totally</font>
secure, shouldn't we add the following flags to the parse
initialisation (xmlCreatePushParserCtxt):<font face="Calibri"> </font>XML_PARSE_NONET,
XML_PARSE_NODICT</font> ?<br>
<br>
Marc
</body>
</html>
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic