Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > XML > BOOK: Beginning XML, 5th edition
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: Beginning XML, 5th edition
This is the forum to discuss the Wrox book Beginning XML 5th Edition by Joe Fawcett, Danny Ayers, Liam R. E. Quin; ISBN: 978-1-1181-6213-2
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning XML, 5th edition section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old November 4th, 2015, 04:58 AM
dbl dbl is offline
Registered User
Points: 24, Level: 1
Points: 24, Level: 1 Points: 24, Level: 1 Points: 24, Level: 1
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Nov 2015
Location: Paris
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Question Is there a risk to use DTD?

Hello,
DTD general entities are defined on chapter 4, page 110.
Although, the article available at the link hereafter tells us that hackers could use DTD general entities to make a kind of DoS attack named 'XML bomb' (see § 'XML bombs' in the article): https://msdn.microsoft.com/en-us/magazine/ee335713.aspx
Do you think that despite of this risk, we can keep on using DTDs in our XML documents or, on the contrary, do you think we should now avoid using DTDs and update our parser settings so that it does not parse DTDs anymore, or update them with some restrictions (see § 'Defending against XML bombs')?
Thank you in advance for your answer.
Kind regards.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Graphics Plugin for Liquidity Risk Software? StaceyL Visual Basic 2010 General Discussion 1 June 22nd, 2011 09:40 PM
HELP! Design Review & Risk Management topics required gangestech Classic ASP Basics 1 September 7th, 2010 02:13 PM
Automated tool to convert XML from DTD to DTD lsantos2000 XSLT 2 October 17th, 2007 08:21 AM
Risk assessment of not normalizing a table mdcarr SQL Server 2000 2 January 25th, 2004 10:43 AM
Help with DTD P Keshav XML 1 September 12th, 2003 12:05 AM



All times are GMT -4. The time now is 05:11 AM.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.