[XML-SIG] Processing xml files with ISO 8859-1 chars
Florent Guillaume
fg@nuxeo.com
7 Nov 2001 17:47:29 GMT
> The simple answer is that the XML parser is illiterate. Since there are
> no bit patterns that are illegal in UTF-8, I don't see how the parser
> could know that the chosen encoding produced, from the user's
> perspective, garbage.
On the contrary, there are a lot of bit-patterns that are illegal in
UTF-8, and an application that fails to identify them as such can be
subject to many security holes. See a number of Microsoft IIS "unicode"
holes.
-- Florent
--
Florent Guillaume, Nuxeo SARL (Paris, France)
+33 1 40 33 79 10 http://nuxeo.com mailto:fg@nuxeo.com