
HRRIs - security considerations

From: Richard Tobin <richard@inf.ed.ac.uk>
Date: Tue, 26 Jun 2007 12:01:52 +0100 (BST)
To: public-xml-core-wg@w3.org
Message-Id: <20070626110152.1593A227A02@macpro.inf.ed.ac.uk>

Here is an expanded security section taking into account Martin's
comments.

Human Readable Resource Identifiers have the same security
considerations as IRIs, see Section 8 of [3].  Additional risks
resulting from the additional characters allowed in HRRIs include:

 - Some characters may not be permitted by the context.  For example,
   NUL characters are not allowed in XML documents.

 - The use of control characters and bidirectional formatting characters
   may allow malicious users to manipulate the displayed version of an
   HRRI.

 - Control characters and non-characters, or HRRIs containing them,
   may be filtered out by receivers.

 - Private use characters are not interoperable and may have unpredictable
   effects.

 - Whitespace characters may be subject to normalization in certain
   contexts.  For example, line endings in XML are normalized to LF;
   tabs in XML attributes are converted to spaces; and sequences of
   spaces are collapsed in tokenized XML attributes.

 - Some characters may be treated as delimiters in some contexts.
   For example, spaces are often used to separate resource identifiers
   in a sequence, and angle brackets are often used to delimit resource
   identifiers in text.

Human Readable Resource Identifiers are often converted to IRIs or URIs
and subsequently used to provide a compact set of instructions for
access to network resources.  Care must be taken to properly interpret
the data within a Human Readable Resource Identifier, to prevent that
data from causing unintended access, and to avoid including data that
should not be revealed in plain text.

-- Richard
Received on Tuesday, 26 June 2007 11:01:59 GMT
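
A receiver-side check for the character classes listed in the message, as an added example that is not part of the original post or of any W3C specification. The risk labels, the exact set of bidirectional formatting characters and the sample identifier are assumptions made for illustration.

```python
import unicodedata

# Assumed set of bidirectional formatting characters: LRM, RLM,
# embeddings/overrides (U+202A..U+202E) and isolates (U+2066..U+2069).
BIDI_FORMAT = {0x200E, 0x200F, *range(0x202A, 0x202F), *range(0x2066, 0x206A)}

def xml10_char(cp):
    """True if the code point matches the XML 1.0 Char production."""
    return (cp in (0x9, 0xA, 0xD) or 0x20 <= cp <= 0xD7FF
            or 0xE000 <= cp <= 0xFFFD or 0x10000 <= cp <= 0x10FFFF)

def noncharacter(cp):
    """Unicode noncharacters: U+FDD0..U+FDEF and every U+xxFFFE / U+xxFFFF."""
    return 0xFDD0 <= cp <= 0xFDEF or (cp & 0xFFFE) == 0xFFFE

def classify(ch):
    """Return the risk labels (one per bullet in the message) that apply to ch."""
    cp, cat = ord(ch), unicodedata.category(ch)
    checks = {
        "not-allowed-in-xml-1.0": not xml10_char(cp),   # e.g. NUL
        "control": cat == "Cc",                         # may be filtered or alter display
        "bidi-format": cp in BIDI_FORMAT,               # can reorder displayed text
        "noncharacter": noncharacter(cp),               # may be filtered by receivers
        "private-use": cat == "Co",                     # not interoperable
        "whitespace-normalized": ch in " \t\r\n",       # rewritten by XML processing
        "delimiter": ch in " <>",                       # splits identifiers in lists/text
    }
    return [name for name, hit in checks.items() if hit]

def audit(hrri):
    """List (index, code point, risks) for every character that carries a risk."""
    findings = []
    for i, ch in enumerate(hrri):
        risks = classify(ch)
        if risks:
            findings.append((i, "U+%04X" % ord(ch), risks))
    return findings

# Constructed sample: a space, a right-to-left override and a NUL in one identifier.
SAMPLE = "http://example.org/a b\u202etxt\x00"

if __name__ == "__main__":
    for index, codepoint, risks in audit(SAMPLE):
        print(index, codepoint, ", ".join(risks))
```

A receiver can reject or escape on any finding before converting the identifier to an IRI or URI; which labels are fatal depends on the context the identifier is embedded in.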
