Le mardi 7 novembre 2017, 22:41:21 CET Marvin Gülker a écrit :

> §9 on security: one issue that comes to my mind is specifying
> out-of-range values for the "start" and "end" attributes by a malicious
> client.

Or a start without end/end without start, if a client replace it by HTML tags 
without checking, it could lead to an open tag without the corresponding 
closing one.

++
Goffi
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
_______________________________________________

Reply via email to