mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-04 17:08:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

Issue 17538: Document XML vulnerabilties

Browse source
This commit is contained in:
Christian Heimes 2013-03-26 17:35:55 +01:00
parent 5be6d74a0d
commit 7380a67267
10 changed files with 187 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Doc/library/xml.etree.elementtree.rst
View file

@ -13,6 +13,14 @@ The :class:`Element` type is a flexible container object, designed to store
hierarchical data structures in memory. The type can be described as a cross
between a list and a dictionary.
.. warning::
The :mod:`xml.etree.ElementTree` module is not secure against
maliciously constructed data. If you need to parse untrusted or
unauthenticated data see :ref:`xml-vulnerabilities`.
Each element has a number of properties associated with it:
* a tag which is a string identifying what kind of data this element represents