[lxml-dev] Network downloading of schemas should be off by default?
Fred Drake
fdrake at gmail.com
Fri Jun 1 20:13:35 CEST 2007
On 6/1/07, Itamar Shtull-Trauring <itamar at itamarst.org> wrote:
> Right now, AFAICT, is is on by default in lxml.etree.XMLParser. Network
> queries by library code are a bad idea: it's an unexpected behavior,
> causing potential security risk and guaranteed performance problems.
I actually like the way the SAX interface handles this; you provide
something that resolves references however you want, and it uses that.
-Fred
--
Fred L. Drake, Jr. <fdrake at gmail.com>
"Chaos is the score upon which reality is written." --Henry Miller
More information about the lxml-dev
mailing list