RE: [xsl] xsl processors turn off extension functions

<-prev [Thread] next->	<-prev [Date] next->
Month Index \| List Home

RE: [xsl] xsl processors turn off extension functions

Subject: RE: [xsl] xsl processors turn off extension functions
From: bry@xxxxxxxxxx
Date: Tue, 29 Jun 2004 13:26:50 +0200

> It's
> surprisingly
> common to find sites that are prepared to execute untrusted stylesheets,
> which can cause arbitrary havoc if extension functions are not disabled.
> Even with extension functions disabled, there's a denial-of-service risk.
>
I think also in light of GRDDL http://www.w3.org/2004/01/rdxh/spec that it is
even more important. Of course GRDDL suffers under some other security problems
as well.

Current Thread
RE: [xsl] xsl processors turn off extension functions bry - Tue, 29 Jun 2004 13:26:50 +0200 <=

<- Previous	Index	Next ->
RE: [xsl] XSL & CDATA Processing, Michael Kay	Thread	Processing an xml catalog in xslt, Nicolas Mailhot
RE: [xsl] xsl processors turn off e, Michael Kay	Date	Processing an xml catalog in xslt, Nicolas Mailhot
	Month