XML bomb definition
An XML bomb is a type of DDoS attack in which a small, specially crafted XML document is sent to overwhelm the program that parses it and crash the server. It works similarly to a zip bomb: the document declares nested entities that reference one another, so when an XML parser processes the message the entity expansion grows exponentially, exhausting the parser's memory and crashing the server.
How to stop an XML bomb attack
- Limit the number of characters to which an entity is allowed to expand.
- Limit the memory allocated to the parser.
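The first mitigation, enforced before the document reaches the real parser, as an added example that is not part of the original page: the check computes how large each declared entity would become from the entity reference graph alone, without ever materialising the expansion, and rejects the document when the configured character limit is exceeded. The sample documents, the 10,000-character limit and the function names are constructed for this example; external (SYSTEM/PUBLIC) entities are out of scope here.

```python
"""Pre-parse entity-expansion limit for XML input (added example)."""
import re

# Internal general entity declarations: <!ENTITY name "replacement text">
ENTITY_DECL = re.compile(r'<!ENTITY\s+(\w+)\s+(["\'])(.*?)\2\s*>', re.DOTALL)
ENTITY_REF = re.compile(r'&(\w+);')
PREDEFINED = {"lt", "gt", "amp", "quot", "apos"}  # each expands to one character


class EntityExpansionError(ValueError):
    """Raised when an entity is recursive or would exceed the expansion limit."""


def declared_entities(xml_text: str) -> dict[str, str]:
    """Map entity name -> replacement text for every internal entity declared."""
    return {m.group(1): m.group(3) for m in ENTITY_DECL.finditer(xml_text)}


def check_document(xml_text: str, max_expansion: int = 10_000) -> dict[str, int]:
    """Return the fully expanded size of each entity, computed arithmetically.
    Raises EntityExpansionError on recursion or when any entity exceeds the limit."""
    entities = declared_entities(xml_text)
    sizes: dict[str, int] = {}
    in_progress: set[str] = set()

    def size_of(name: str) -> int:
        if name in sizes:
            return sizes[name]
        if name in in_progress:  # a -> b -> a would never terminate in a parser
            raise EntityExpansionError(f"recursive entity reference: {name}")
        in_progress.add(name)
        text = entities[name]
        total = len(ENTITY_REF.sub("", text))  # literal characters only
        for ref in ENTITY_REF.findall(text):   # add the size of each referenced entity
            if ref in entities:
                total += size_of(ref)
            elif ref in PREDEFINED:
                total += 1
        if total > max_expansion:
            raise EntityExpansionError(f"entity '{name}' would expand to {total} characters")
        in_progress.discard(name)
        sizes[name] = total
        return total

    for name in entities:
        size_of(name)
    return sizes


def is_safe(xml_text: str, max_expansion: int = 10_000) -> bool:
    """True when the document may be handed to the real XML parser."""
    try:
        check_document(xml_text, max_expansion)
        return True
    except EntityExpansionError:
        return False


# Constructed samples: four levels of ten-fold nesting expand "lol" to 30,000 characters
BOMB = """<?xml version="1.0"?>
<!DOCTYPE lolz [
 <!ENTITY lol "lol">
 <!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
 <!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
 <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
 <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
]>
<lolz>&lol4;</lolz>"""

BENIGN = """<!DOCTYPE note [ <!ENTITY company "Example Corp"> ]>
<note>&company; &amp; partners</note>"""

if __name__ == "__main__":
    print("benign accepted:", is_safe(BENIGN))   # True
    print("bomb accepted:", is_safe(BOMB))       # False
```

Because sizes are summed as integers rather than built as strings, the check itself stays cheap even for documents whose expansion would run to gigabytes.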