On 04/15/2011 04:14 AM, Tomasz Sterna wrote: > Dnia 2011-04-15, piÄ… o godzinie 03:34 +0700, Sergey Dobrov pisze: >>> This has been known for quite some time: >>> https://support.process-one.net/browse/EJAB-680 >>> >>> I remember someone saying that not all servers are going to >> implement >>> such checks as it could hurt performance. >>> >> Thanks for the link. I see that bug is with low priority and I >> understand that this check will be high cost performance. But I have >> no idea how to prevent possible DoS attack to my services. > > Server accepting an invalid stream and happily routing it is low > priority??? > This is some strange prioritization... > > This shouldn't be your component job to check whether your server is > sending invalid XML. The server should drop the offending stream in the > first place. > > You can always switch your XMPP server to one in which XML parsing does > not "hurt performance". ;-) > > I don't see good alternatives for ejabberd. I need good Pubsub/PEP support, message archiving and other main features to be implemented and server should have good scalability.
-- With best regards, Sergey Dobrov, XMPP Developer and JRuDevels.org founder. _______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
