The XML Factor

Abstract

SQL Injection is a common Web application attack, and XML is vulnerable to it as well. Validating your incoming XML documents against XML schema doesn't necessarily prevent this attack. That's because the type "xsdistring" does not preclude special characters and specific SQL keywords that are, after all, of the correct type. To prevent ISO character sets from being exploited, declare the ISO character set you're using for translating Unicode input into ASCII.

Details

Key topics

SQL injection;
XML schema;
Factor

ERIC Subject

Computer Oriented Programs;
Personality;
Networks

Subject

Enterprisewide computing;
Web services;
Extensible Markup Language;
Standards;
Systems management;
Servers;
Digital signatures;
Alliances;
Cybersecurity;
Documents

Business indexing term

Subject:

Systems management

Location

United States--US

Title

The XML Factor

Author

MacVittie, Lori

Publication title

Network Computing; Manhasset

Volume

Issue

Pages

79-82

Number of pages

Publication year

2004

Publication date

Jun 10, 2004

Section

WORKSHOP

Publisher

Informa

Place of publication

Manhasset

Country of publication

United States

Publication subject

Computers--Computer Systems, Computers--Computer Networks

ISSN

10464468

Source type

Trade Journal

Language of publication

English

Document type

Feature

ProQuest document ID

215438478

Document URL

https://www.proquest.com/trade-journals/xml-factor/docview/215438478/se-2?accountid=208611

Last updated

2024-11-19

Database

ProQuest One Academic

Content area

Abstract

Details