The mod security handbook states that XML parsing is expensive (cpu and
ram) but i was wondering if out of the three (validateSchema, validateDTD
and XPATH checks) which one is least intensive or maybe it does not matter
because we run the XML parser in all three cases?
In my test application, the client will always POST XML in the request
body and i would like to validate and sanitize. At the moment i am using
validateSchema and it works fine but
then maybe there is a more efficient way.
I was thinking maybe if i used XPATH expressions for checking the xml
inputs instead of using validateDTD or validateSchema it might be less
Using Opera's revolutionary email client: http://www.opera.com/mail/