|
Subject: RE: [xsl] xsl 1.1 security model? From: "Michael Kay" <mhkay@xxxxxxxxxxxx> Date: Sat, 24 Mar 2001 03:36:16 +0100 |
> The ability to write to multiple named documents seems to me > to be just > as dangerous as the ability to call external scripts (if not more so - > after all, ecmascript has no standard way of writing to named files). > > Should the xsl:document element be enabled client-side, or is > the answer > so obvious that the question didn't need asking? > > And would an implementation that disabled the xsl:document element > client-side still be XSLT 1.1 compliant? > It's my understanding that Microsoft are reluctant to implement this feature client-side, and I think the spec is clear that it's not required for conformance. This approach makes sense, since the requirement for the feature is mainly fur use during the publishing cycle, not in client-side rendering. Mike Kay Software AG XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
| Current Thread |
|---|
|
| <- Previous | Index | Next -> |
|---|---|---|
| Re: [xsl] xsl 1.1 security model?, Francis Norton | Thread | Re: [xsl] xsl 1.1 security model?, David Carlisle |
| RE: [xsl] Saxon setParameter() of n, Michael Kay | Date | [xsl] Resent: Help please on a sele, Wolfgang Bogacz |
| Month |