Message 306952 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	failys
Recipients	failys
Date	2017-11-25.11:05:53
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1511607953.88.0.213398074469.issue32130@psf.upfronthosting.co.za>
In-reply-to

Content
If an XML document is externally validated against a DTD from a https site then, depending on the security posture of the hosting site, validation might fail. This seems to be due to the lack of user agent information received by the host when the request for the DTD is sent. Relaxing the security rules on the host does get around this problem, but this might not always be a solution for some. I've observed with this issue with xml.sax. I don't know how general this problem is in other XML handling components of Python2 or Python 3.

If an XML document is externally validated against a DTD from a https site then, depending on the security posture of the hosting site, validation might fail.  This seems to be due to the lack of user agent information received by the host when the request for the DTD is sent.

Relaxing the security rules on the host does get around this problem, but this might not always be a solution for some.

I've observed with this issue with xml.sax.  I don't know how general this problem is in other XML handling components of Python2 or Python 3.

History
Date	User	Action	Args
2017-11-25 11:05:53	failys	set	recipients: + failys
2017-11-25 11:05:53	failys	set	messageid: <1511607953.88.0.213398074469.issue32130@psf.upfronthosting.co.za>
2017-11-25 11:05:53	failys	link	issue32130 messages
2017-11-25 11:05:53	failys	create