2 May
2025
2 May
'25
9:38 a.m.
Hello everyone on the list! There is a change between 11.8 and 11.9, related to security settings. This has to do with the following document: <?xmlversion="1.0"?> <!DOCTYPEfoo[ <!ELEMENT foo ANY > <!ENTITYxxe SYSTEM "file:///"> ]> <foo>&xxe;</foo> When parsing this document, BaseX11.8 threw an error with code err:FODC0002, which means that the resource cannot be retrieved. BaseX 11.9 gives a listing of the root directory of my computer. This can be used to retrieve all files on my computer, which is a security risk.