- From: Deyan Ginev <d.ginev@jacobs-university.de>
- Date: Fri, 4 Dec 2015 16:49:24 -0500
- To: "Schubotz, Moritz" <schubotz@tu-berlin.de>, "www-math@w3.org" <www-math@w3.org>
Dear all, It's great to hear that there is interest in security for MathML. I would also be curious to hear if a "security audit" of any form has been performed on the spec, maybe as part of the integration work with the HTML5 working group. Security audits are an inevitability when production-ready technologies start being used in enterprise settings, and given the scale and importance of the MediaWiki installations out there, it's reasonable that they would at least ask the question. In this scope, this is a question also suitable for the HTML5 community, and I see MathML is already featured on html5sec: https://html5sec.org/?mathml Does the Math WG know of prior interest in this subject? Greetings, Deyan On 12/04/2015 03:26 PM, Schubotz, Moritz wrote: > Hi Bruce, > > I have the feeling to give a reasonable answer to the question "is ASCII > dangerous": > https://xkcd.com/327 > At least in the context of SQL injections it has been well studied. > If you expose MathML to browsers that might not even know what MathML is, > they might freak out. > > Moritz >
Received on Friday, 4 December 2015 21:49:54 UTC