This repository is private.
All pages are served over SSL and all pushing and pulling is done over SSH.
No one may fork, clone, or view it unless they are added as a member.
Every repository with this icon (
) is private.
Every repository with this icon (
) is private.
This repository is public.
Anyone may fork, clone, or view it.
Every repository with this icon () is public.
Every repository with this icon (
) is public.
| name | age | message | |
|---|---|---|---|
 |
.gitignore | Fri Aug 22 06:00:42 -0700 2008 | |
| |
LICENSE | Fri Aug 22 06:00:42 -0700 2008 | |
| |
README.textile | Fri Aug 22 06:00:42 -0700 2008 | |
| |
example.xml | Fri Aug 22 06:00:42 -0700 2008 | |
 |
lib/ | Sun Aug 31 09:41:33 -0700 2008 | |
| |
rexml-expansion-fix.gemspec | Sun Aug 31 09:41:33 -0700 2008 |
README.textile
REXML Expansion Fix
The version of rexml which ships with ruby at present will not restrict the total number of entity expanstions when processing inline attributes. This can allow specially crafted documents to consume enormous amounts of CPU. To prevent this from happening this fix causes processing to abort processing after a certain number of expansions have taken place. The limit defaults to 10000 but you can change it as follows:
REXML::Document.entity_expansion_limit= 50The example xml in example.xml can be used to verify that your application is safe.
