#1
  1. No Profile Picture
    Joonior Meember
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2001
    Location
    Barre, VT, USA, Earth
    Posts
    11
    Rep Power
    0

    Unhappy XML data vulnerable


    I see a potential prob with XML documents. When displaying an XML document, with XSL or not, the XML data is there in the document source, raw as can be. Now I understand that this is part of the design of XML but doesn't this then leave the data open to be ripped off quick and easy if desired? What if for instance, you were displaying a list of email addresses and names. How difficult would it be to create a script to crawl the site and steal this info since we make it easy for them and display the actual data, no munging required? Seems pretty simple to me!

    The only way I see around this is to load the XML and the XSL with javascript so that the code is just a shell.

    Any comments?
  2. #2
  3. No Profile Picture
    CF sMod
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2000
    Location
    Maine, USA (a.k.a. Boonies)
    Posts
    242
    Rep Power
    15
    Perhaps:

    <email>
    <user>johndoe</user>
    <domain>internet.com</domain>
    </email>

    Is an effective way of deterring spammers, but if you are talking about actually protecting the information of an XML document, take a look at XML Encryption:

    http://www.w3.org/Encryption/2001/
    Jason Contact Me
    Super moderator @ CodingForums

IMN logo majestic logo threadwatch logo seochat tools logo