cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J.Pietschmann" <>
Subject Re: XSL Security question
Date Thu, 30 Jan 2003 19:42:50 GMT
Niclas Hedhman wrote:
>>What kind of DoS attacks would you expect?
> If I can upload an XSL, I can have an infinite loop in the XSL, and then issue 
> continous HTTP requests invoking that XSL, effectively eating up both RAM and 
> CPU time.

Also eating up bandwidth, and if the server is hot iron hooked
to a  fat pipe, you can bring down the target end of the URL by
swamping it with requests. Actually, this was the main idea.


To unsubscribe, e-mail:
For additional commands, email:

View raw message