A Billion More Laughs: The JavaScript hack that acts like an XML attack
Published Sep 11, 2008
Version 1.0Was this article helpful?
That's a great point. I was actually thinking about that late yesterday. If you control the parsing, you control the stack, so you control how many iterations of the same piece of code is executed. Doesn't seem like rocket science at all.
I say that blithely because *I* don't have to implement it. ;-) I seem to recall that writing compilers was ... interesting if not a bit frustrating.