Commit 69d7ed3

committed

Add security considerations

1 parent 11a0063 commit 69d7ed3Copy full SHA for 69d7ed3

File tree

+10

-2

lines changed

+10

-2

lines changed

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -644,6 +644,9 @@ Link: </alice>; rel="profile", </bob>; rel="profile"`
`644`	`644`	`Validators should take care that the parsing of schemas doesn't consume excessive system resources.`
`645`	`645`	`Validators MUST NOT fall into an infinite loop.`
`646`	`646`	`</t>`
	`647`	`+ <t>`
	`648`	`+ Individual JSON Schema vocabularies are liable to also have their own security considerations. Consult the respective specifications for more information.`
	`649`	`+ </t>`
`647`	`650`	`</section>`
`648`	`651`
`649`	`652`	`<section title="IANA Considerations">`

Lines changed: 7 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -739,8 +739,13 @@`
`739`	`739`
`740`	`740`	`<section title="Security considerations">`
`741`	`741`	`<t>`
`742`		`- JSON Schema validation does not have any additional security considerations than`
`743`		`- those defined by the JSON Schema core specification.`
	`742`	`+ JSON Schema validation defines a vocabulary for JSON Schema core and conserns all the security considerations listed there.`
	`743`	`+ </t>`
	`744`	`+ <t>`
	`745`	`+ JSON Schema validation allows the use of Regular Expressions, which have numerous different (often incompatible) implementations.`
	`746`	`+ Some implementations allow the embedding of arbritrary code, which is outside the scope of JSON Schema and MUST NOT be permitted.`
	`747`	`+ Regular expressions can often also be crafted to be extremely expensive to compute (with so-called "catastrophic backtracking"),`
	`748`	`+ resulting in a denial-of-service attack.`
`744`	`749`	`</t>`
`745`	`750`	`</section>`
`746`	`751`

Comments

(0)