- From: Jonas Sicking <jonas@sicking.cc>
- Date: Wed, 06 Jun 2007 16:13:40 -0700
- To: Anne van Kesteren <annevk@opera.com>
- CC: "WAF WG (public)" <public-appformats@w3.org>
> * What happens when the XML is not well-formed and how does this > interact with incremental parsing. This one is tricky for sure. IMHO we can't require that AC checks fail if the document fails to fully parse. In my implementation I plan to stop parsing once I hit the first start tag and if access hasn't been granted yet at that point abort. I don't want, for security reasons, to create any DOM nodes at all if access is denied, so it's not an option to create a full DOM and then do access checks. OTOH, I'm not sure if we can require that AC checks pass on a page that can't be parsed. I'm not sure if all implementations will have a "streaming" XML parser available so that they can check the PIs without parsing the entire page. Though admittedly I don't know of any XML parsers that don't support streaming. I also thought of a pretty important use-case that requires "deny" in the PIs. If the server sets an allow header, but you want to put a file on that server that you *don't* want people from other servers to have access to, you need to be able to specify that directly in the file. It is not enough to simply not put any AC PIs in the file since then the servers 'accept' will be used. / Jonas
Received on Wednesday, 6 June 2007 23:14:45 UTC