[LGM] Program epub

ale rimoldi a.l.e at ideale.ch
Fri Mar 28 09:38:00 PDT 2014

hi manuel,

> > no idea why wordpress is so restrictive...
> >
> out of curiosity, i searched the WP Trac, and found that it's for
> security reasons:
> https://core.trac.wordpress.org/ticket/27063
> "Unfortunately XML files need to be carefully sanitized in order to
> not be vulnerable to some serious vulnerabilities, namely an XML bomb
> (exponential entity expansion) and XXE (XML external entity)
> injection. We have no plans to attempt this in core, as these are just
> incredibly dangerous."

thanks for looking and at and for the explanation!

at first i didn't understand why it would matter, but it's probably
related to the fact that wordpress is creating a preview for the
uploaded files...

now i know :-)

see you soon

More information about the Libre-graphics-meeting mailing list