Message185199
Donald: Thanks! I'm going to look at your patch later today.
Hynek: Because the preferred way is another: use patched expat and pyexpat C modules of defusedexpat. It's a fix on C level and still allows a sane amount of entity expansions. defusedxml disallows any XML document that smells even a tiny bit. This approach needs a) more reviews and b) an API to enable the limitations- |
|
Date |
User |
Action |
Args |
2013-03-25 12:16:49 | christian.heimes | set | recipients:
+ christian.heimes, docs@python, hynek, dstufft |
2013-03-25 12:16:49 | christian.heimes | set | messageid: <1364213809.28.0.841072928225.issue17538@psf.upfronthosting.co.za> |
2013-03-25 12:16:49 | christian.heimes | link | issue17538 messages |
2013-03-25 12:16:49 | christian.heimes | create | |
|