Issue 17538: Document XML vulnerabilties

author: Christian Heimes <christian@cheimes.de> 2013-03-26 16:53:05 (GMT)
committer: Christian Heimes <christian@cheimes.de> 2013-03-26 16:53:05 (GMT)
commit: 23790b4be0b6d5af4f79c23fd99e03a1499a1bb5 (patch)
tree: 69827d9b0b1d8f03541fa943517a8eb13d1b0d09 /Doc/library/xml.sax.rst
parent: 4b394db41f7d5347e4a4083305bfcda562bc38f8 (diff)
download: cpython-23790b4be0b6d5af4f79c23fd99e03a1499a1bb5.zip
cpython-23790b4be0b6d5af4f79c23fd99e03a1499a1bb5.tar.gz
cpython-23790b4be0b6d5af4f79c23fd99e03a1499a1bb5.tar.bz2
1 files changed, 8 insertions, 0 deletions
diff --git a/Doc/library/xml.sax.rst b/Doc/library/xml.sax.rst
index 43d17c2..75cfc11 100644
--- a/Doc/library/xml.sax.rst
+++ b/Doc/library/xml.sax.rst
@@ -16,6 +16,14 @@ Simple API for XML (SAX) interface for Python.  The package itself provides the
 SAX exceptions and the convenience functions which will be most used by users of
 the SAX API.
 
+
+.. warning::
+
+   The :mod:`xml.sax` module is not secure against maliciously
+   constructed data.  If you need to parse untrusted or unauthenticated data see
+   :ref:`xml-vulnerabilities`.
+
+
 The convenience functions are:
author	Christian Heimes <christian@cheimes.de>	2013-03-26 16:53:05 (GMT)
committer	Christian Heimes <christian@cheimes.de>	2013-03-26 16:53:05 (GMT)
commit	23790b4be0b6d5af4f79c23fd99e03a1499a1bb5 (patch)
tree	69827d9b0b1d8f03541fa943517a8eb13d1b0d09 /Doc/library/xml.sax.rst
parent	4b394db41f7d5347e4a4083305bfcda562bc38f8 (diff)
download	cpython-23790b4be0b6d5af4f79c23fd99e03a1499a1bb5.zip cpython-23790b4be0b6d5af4f79c23fd99e03a1499a1bb5.tar.gz cpython-23790b4be0b6d5af4f79c23fd99e03a1499a1bb5.tar.bz2