RE: Fw: Signing of XSL scripts

Subject: RE: Fw: Signing of XSL scripts
From: Boris Moore <Boris.Moore@xxxxxxxxxx>
Date: Sat, 30 May 1998 10:09:10 +0200
John Dreystadt: 
> I can easily imagine someone wanting to implement an escape to an
> external application for complex processing. How about queries to an
> external database?

The host application for XSL will be the XSL processor.  I understand 
that conformant XSL processors will implement a subset of standard 
ECMAScript together with some XSL specific built-in functions, giving 
no more access to the local system than ECMAScript in an HTML 
page.  (Possibly less).

Perhaps future XSL processors will be hosted by other applications, not 
only by browsers, (or by documents themselves hosted by browsers).  
But in that case too, I believe the XSL processor will at best have access 
to its hosting application, which itself will be subject to its own specific 
security model.  

A Java applet, for example, would not therefore be able to use XSL to 
gain any additional access to the local system...   

Boris Moore


 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list


Current Thread