>From what I remember, you're the first to bring this up. I guess this is a >good sign.
If I understand correctly this question applies more to the applications that use XMLBeans. For XML, XMLBeans uses a standard compliant XML parser, which can be replaced using options with any other SAX parser. As for XPath, the included parser does cover for errors in the path and never -executes-- anything coming from the path expressions or the document it's applied on. Is there anything that you have in mind? Cezar ________________________________ From: al so [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 23, 2008 11:54 AM To: user@xmlbeans.apache.org Subject: question on security.. Is the XmlBeans library immune to Xpath and Xml injections? If not, I would appreciate any solutions that work best in tandem with XmlBeans.