Software update that prevents the processing of XML messages that contain DTDs for .NET Framework 1.1
SUMMARYThis article discusses a software update that allows the
following technologies to reject the processing of XML messages that contain
document type definitions (DTDs):
RESOLUTIONYou can download the software update to reject the
processing of XML messages that contain DTDs for .NET Framework 1.1 from the
following location: .NET Framework 1.1 Temporary File Explosion on Sharepoint Servers - Windows Server 2003 If you are using .NET Framework 1.0, you are encouraged to upgrade
to .NET Framework 1.1 and download and apply the software update.
http://www.microsoft.com/downloads/details.aspx?FamilyID=62fa5aad-dc25-491c-8944-3b2920c9fc64&DisplayLang=en (http://www.microsoft.com/downloads/details.aspx?FamilyID=62fa5aad-dc25-491c-8944-3b2920c9fc64&DisplayLang=en) MORE INFORMATIONDTDs define the rules that describe the structure of XML
documents and that can be used to validate the structure of those documents.
When the XML 1.0 specification was originally created, the DTD syntax, which is
not XML-based, was inherited from earlier markup languages, such as Standard
Generalized Markup Language (SGML) and HTML. An XML namespace is a mechanism for uniquely qualifying element names and attribute names that are used in XML documents. DTDs do not fully support XML namespaces. The process that is used to parse DTDs does not enforce adherence to a namespace. As an alternative to DTDs, you can describe the XML document structure by using the World Wide Web Consortium (W3C) XML Schema language. The W3C XML Schema language offers the same benefits as DTDs, but it also resolves some of the limitations of DTDs. DTDs may be useful when you work with XML applications that are based on the XML 1.0 specification and that do not support XML schemas. In some cases, you may want to reject XML messages that contain DTDs. For example, the SOAP 1.1 specification states that a SOAP message must not contain a DTD. Therefore, a SOAP processor can reject any SOAP message that contains a DTD. To automatically reject XML messages that contain DTDs, the technologies use a new XmlTextReader property that is named ProhibitDtd. When the ProhibitDtd property is set to true, this property causes the XmlTextReader to throw an exception if a DTD is encountered while parsing. For additional information, click the following article number to view the article in the Microsoft Knowledge Base: 824684 (http://support.microsoft.com/kb/824684/)
Description of the standard terminology that is used to describe Microsoft software
REFERENCES For additional
information, click the following article number to view the article in the
Microsoft Knowledge Base: 832878 (http://support.microsoft.com/kb/832878/)
Microsoft Web services security resources
For more information, visit the following Web sites: XML Schema specification index page http://www.w3.org/XML/Schema#dev (http://www.w3.org/XML/Schema#dev) APPLIES TO
| Article Translations
|
| United States | Change | | | All Microsoft Sites |
Help and Support
Back to the top
|
