[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [syndication] syndic8.com OCS feed fails parse.
- To: syndication@yahoogroups.com
- Subject: Re: [syndication] syndic8.com OCS feed fails parse.
- From: burton@relativity.yi.org
- Date: 28 Sep 2001 22:23:22 -0700
- In-reply-to: <016e01c1488f$87b8e850$070d0dc0@monster>
- References: <016e01c1488f$87b8e850$070d0dc0@monster>
- User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.0.106
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"Jeff Barr" <jeff@vertexdev.com> writes:
> Hi,
>
> Indeed there is a problem. Do I need to insert some kind of XML declaration or
> PI at the top of the generated document? I'm not sure how to fix this, but I
> will as soon as I know...
Where are you getting your <description> data from?
You should validate the data on input so that user's can't break your XML.
If someone enters <blah> but doesn't complete it you will have problems.
Somehow, someone is entering descriptions with external entities. In order to
fix it you will have to either escape the entities or disallow them.
Basically anything like & or &asdf; will break.
Kevin
- --
Kevin A. Burton ( burton@apache.org, burton@openprivacy.org, burtonator@acm.org )
Cell: 415-595-9965 URL: http://relativity.yi.org ICQ: 73488596
The 9000 series is the most reliable computer ever made. No 9000 computer has
ever made a mistake or distorted information. We are all, by any practical
definition of the words, fool proof and incapable of error.
- Hal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Get my public key at: http://relativity.yi.org/pgpkey.txt
iD8DBQE7tVrGAwM6xb2dfE0RAtIpAJ4jkqnc+gNmqfTERjgizAUGUmwf1wCgxvzk
MNE4wEWpVTDqoVmKhgWulKk=
=YXJI
-----END PGP SIGNATURE-----