cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Mazzocchi <stef...@apache.org>
Subject Re: [proposal] Doco
Date Mon, 27 Oct 2003 20:36:46 GMT

On Monday, Oct 27, 2003, at 15:35 Europe/Rome, Robert Koberg wrote:

>> nah, dude, look: doco has a very precise editing access point. You can
>> *ONLY* modify xml content. So, changes to .htaccess, CGI scripts,
>> servlet upload, sql injection, cross-site-scripting, and you next
>> favorite attack will NOT work because the system prevents it by design
>> [not saying it cannot happen, but if it does it's a bug, not a faulty
>> design]
>
> FWIW, I agree. Perhaps the submit goes to a well-formedness check (or 
> even
> better?, schema/dtd validation). If it fails, it doesn't even enter the
> approval process.

Absolutely. This wasn't mentioned, but planned. I will do relaxng 
validation before allowing any xml data into the system. This should be 
enough for documentation.

> Perhaps a notification email is sent describing that an
> invalid submittal was sent.

Nah, it would just fail and log the failure. No need to spam further 
since it might well be a bug in the editing software ;-) [I have 
experienced a few of them as well]

> The user is returned an error page saying the
> post was rejected, in case it was just a mistake.
>
> On another note, can images/PDFs/other-binaries be uploaded?

Damn, forgot about this!

My suggestion would be to process the binary file and determine if it's 
an image or not.

If not, reject it right away. [there should be *NO* need to upload any 
other binary file ]

--
Stefano.


Mime
View raw message