[mod-security-users] Mod Security XML Parsing

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

The mod security handbook states that XML parsing is expensive (cpu and  
ram) but i was wondering if out of the three (validateSchema, validateDTD  
and XPATH checks) which one is least intensive or maybe it does not matter  
because we run the XML parser in all three cases?

In my test application, the client will always POST XML in the request  
body and i would like to validate and sanitize. At the moment i am using  
validateSchema and it works fine but
then maybe there is a more efficient way.

I was thinking maybe if i used XPATH expressions for checking the xml  
inputs instead of using validateDTD or validateSchema it might be less  
expensive?

Thanks,
Usman

-- 
Using Opera's revolutionary email client: http://www.opera.com/mail/