> With the recursive payload attack, an XML document is created with > very deep nesting of data elements, thousands of elements deep or > where the nesting is recursive. Many of the older XML parsers would > choke on this, essentially leading to a denial of service... > > Schema Poisoning - Modifying the schema referenced by an XML > document in a manner that is inconsistent with the document - > causing the processor to choke on the document.
Perhaps this is another reason to use something like Schematron and path-based validation and access for "duck typing" rather than "whole schema" validation and parsing into a runtime object. -P ------------------------ Yahoo! Groups Sponsor --------------------~--> Something is new at Yahoo! Groups. Check out the enhanced email design. http://us.click.yahoo.com/SISQkA/gOaOAA/yQLSAA/NhFolB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/service-orientated-architecture/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
