Comment 2 for bug 1190229
Revision history for this message
| Thierry Carrez (ttx) wrote Re: Potential unsafe XML usage | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
513534c
demo site
(Get the code!)
Quantum analysis:
My understanding is that million laughs/quadratic blowup needs DTD evaluation, and the ProtectedXMLParser protects against reading an included DTD, so that sounds safe.
I agree that more consistency across the board would be welcome though.