Subject: RE: About xsl:scripts From: "Jonathan Borden" <jborden@xxxxxxxxxxxx> Date: Tue, 13 Apr 1999 22:00:22 -0400 |
Didier: > > If you have the capacity to create object, this would work well > server side > but not client side. To be able to create object on the client side is > equivalent to a security hole. But not on the server. On the server, the > capacity to create object is useful when you want to link to > databases (this > is what ASP scripts do most of the time). Except that you can create objects client side using JavaScript embedded in HTML documents. On the client side, they need to be marked "Safe For Scripting" to enable this... I'm hazy on the exact details, but the gist is that IE implements something like the IServiceProvider interface which 'filters' the creation of objects using the CATID_SafeForScripting... I'd suspect that the problem is that the XSL embedded script does not get hooked into the containing service provider interface as it would in an HTML page... just some wild guesses... Jonathan XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
About xsl:scripts, Didier PH Martin | Thread | RE: About xsl:scripts, Didier PH Martin |
About xsl:scripts, Didier PH Martin | Date | Re: XPDL (was Re: XML is broken), James Tauber |
Month |