Â¥Ö÷

XML µÄ°²È«ÈõµãºÍ©¶´ 1.Large XML Documents  ³ÉΪ DoS attack Have a client post an XML doc of extreme length/depth <foo><foo><foo>...</foo></foo></foo> This does bad things to DOM parsers and memory consumption on the server: a DoS attack. The issue here is that the costs of handling a large XML document are much greater than the cost of generating one. Èç¹û¿Í»§¶Ë·¢ËÍÒ»¸öÎÞÏÞ³¤ºÍÎÞÏßÉî¶ÈµÄ<foo><foo><foo>...</foo></foo></foo> Ñù×ÓµÄxml¸ø·þÎñÆ÷£¬ÄÇô¾Í»áÔì³É·þÎñÆ÷ÄÚ´æÏûºÄ¹â£¬ÄÇôÕâ¾Í³ÉΪDoS attack¹¥»÷µÄÒ»ÖÖ¡£´¦ÀíÒ»¸ö´óxmlµÄ´ú¼Û±ÈÉú³ÉÒ»¸ö´óxmlµÄ´ú¼ÛÒª´óµÃ¶à¡£ 2.Entity Expansion Attacks. If an XML doc header declares some recursive entity declarations, and the file refers to them, then bad things happen. (Most of XML parser became immune to this, which will throw exception. ) An recursive entity value is like following: <!ENTITY            recursiveEntity ¡°1+&recursiveEntity;¡±>  //µÝ¹éµÄʵÌåÉùÃ÷ Èç¹ûÒ»¸öxmlÍ·²¿ÉùÃ÷һЩµÝ¹éµÄʵÌåÒýÓã¬ÄÇô¾Í»á·¢Éú»µÊÂÇé¡£²»¹ýÐҺôó¶àÊýxml·ÖÎöÆ÷¶Ô´ËÃâÒߣ¬»áÅ׳öÒì³£¡£ 3.  Entities referring to the filesystem. Here you declare an entity referring to a local file, then expand it. Result: you may be able to probe for files, perhaps even get a copy of it in the error response. This is high risky. Though some XML related software  does not support entities ( Like axis , which resists this. ), If your code has any way of resolving URLs from incoming messages, you may recreate this problem. Èç¹ûÉùÃ÷Ò»¸öʵÌåÒýÓÃÖ¸ÏòÒ»¸ö±¾µØÎļþ£¬È»ºóÕ¹¿ªËü¡£½á¹ûÊÇ£¬Äã¿ÉÒÔ³ÉΪÎļþµÄ̽Õ룬ÉõÖÁ¿ÉÒÔÔÚ´íÎóÐÅÏ¢µÄ»Ø¸´Öеõ½ÎļþµÄ¿½±´¡£·çÏÕºÜ´ó¡£ ¾¡¹ÜÐí¶àxmlÏà¹ØÈí¼þ²»Ö§³ÖʵÌ壬µ«Èç¹ûÄãµÄ´úÂëÒÔÈκη½Ê½À´´¦ÀíÊÕµ½ÐÅÏ¢ÖеÄurls£¬ÄÇôÄã¿ÉÄÜÓÐÅöµ½Õâ¸öÎÊÌâ¡£    Êղؠ  ·ÖÏí   ¶¥(0)

----------------------------------------------
̤ʵ¿ÐÊé