c# linq linq-to-xml xmlreader

Is there a standard secure XmlReader class that is proof against various DoS attacks?


I can always start to write my own, but I'd rather not have to maintain it reactively. Although it may make an interesting learning experience.

So I am looking for an XmlReader class that has been proofed against various DoS attacks (DTD, element depth, cross-domain nastiness etc.).

Anybody have any ideas? My only real resource atm is http://msdn.microsoft.com/en-us/magazine/ee335713.aspx


Solution

  • If you use XmlReader.Create to create your reader, DTD processing will be disabled by default, so you should not be vulnerable to DTD attacks (note that this is not true for XmlTextReader, where DTD processing is enabled by default - for more details see a blog post I wrote and comments). For element depth - I don't think XmlReader really cares - it is just a state machine that will record finding a nested element in the Depth property.
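
An added example, not part of the original answer: a reader built with XmlReader.Create whose settings state the DTD, resolver and size limits explicitly, plus a caller-side depth cap based on the Depth property, since the reader itself does not enforce one. The class name, the limit values and the sample documents are assumptions constructed for illustration.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Xml;

static class HardenedXml
{
    const int MaxDepth = 32; // assumed limit; tune it for your schema

    static XmlReaderSettings Settings() => new XmlReaderSettings
    {
        DtdProcessing = DtdProcessing.Prohibit, // any DOCTYPE raises XmlException
        XmlResolver = null,                     // never fetch external resources
        MaxCharactersFromEntities = 1024,       // cap on expanded entity text
        MaxCharactersInDocument = 1_000_000     // cap on total document size
    };

    // Returns the number of elements, or throws XmlException when a limit is hit.
    public static int CountElements(string xml)
    {
        int count = 0;
        using (var reader = XmlReader.Create(new StringReader(xml), Settings()))
        {
            while (reader.Read())
            {
                // XmlReader only reports depth; the caller has to enforce a cap.
                if (reader.Depth > MaxDepth)
                    throw new XmlException("Element depth limit exceeded.");
                if (reader.NodeType == XmlNodeType.Element) count++;
            }
        }
        return count;
    }

    static void Main()
    {
        // Constructed sample inputs: well-formed, carrying a DTD, and deeply nested.
        string ok = "<order><item id='1'/><item id='2'/></order>";
        string withDtd = "<!DOCTYPE r [<!ENTITY e \"x\">]><r>&e;</r>";
        string deep = string.Concat(Enumerable.Repeat("<a>", 40))
                    + string.Concat(Enumerable.Repeat("</a>", 40));

        foreach (var doc in new[] { ok, withDtd, deep })
        {
            try { Console.WriteLine("accepted, elements: " + CountElements(doc)); }
            catch (XmlException ex) { Console.WriteLine("rejected: " + ex.Message); }
        }
    }
}
```

The first document is accepted; the second is rejected because of its DOCTYPE and the third by the depth check.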