[mod-security-users] Mod Security XML Parsing
Brought to you by:
victorhora,
zimmerletw
From: Usman W. <us...@op...> - 2012-06-07 08:25:11
|
Hi, The mod security handbook states that XML parsing is expensive (cpu and ram) but i was wondering if out of the three (validateSchema, validateDTD and XPATH checks) which one is least intensive or maybe it does not matter because we run the XML parser in all three cases? In my test application, the client will always POST XML in the request body and i would like to validate and sanitize. At the moment i am using validateSchema and it works fine but then maybe there is a more efficient way. I was thinking maybe if i used XPATH expressions for checking the xml inputs instead of using validateDTD or validateSchema it might be less expensive? Thanks, Usman -- Using Opera's revolutionary email client: http://www.opera.com/mail/ |