[xsl] Data Leakage

Subject: [xsl] Data Leakage
From: Simon Reed <simon.reed@xxxxxxxxxx>
Date: Mon, 26 Mar 2001 15:28:54 +0100
I am having a bit of bother with data leakage the xslt seems to pay no
attention to the pathway in the match  statement,  the only way to lock the
data seems to be to use a for - each,  I was under the impression that the
use of applied templates negated the use of them.  The xslt transforms the
xml into item elements with attributes which we would then pass through a
generic html form builder we have built.


xslt..

<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform";>
	<xsl:output method="xml" version="1.0" encoding="UTF-8"
indent="yes"/>
	<xsl:template match="/">
	
	<form action="">
		<xsl:apply-templates select ="Name"/>
		<xsl:apply-templates select="DateOfBirth"/>
		<xsl:apply-templates select="Address" mode="Address"/>
		<xsl:apply-templates select
="CommunicationsChannel[@type='Telephone']|CommunicationsChannel[@type='Fax'
]" mode="TelFax"/>
		<xsl:apply-templates select
="CommunicationsChannel[@type='EMail']" mode="EMail"/>
	</form>
	
	</xsl:template>
	
	<xsl:template match ="Name">
		<xsl:apply-templates select ="Title"/>
		<xsl:apply-templates select ="Forename"/>
		<xsl:apply-templates select="Middlename"/>
		<xsl:apply-templates select="Surname"/>
		<xsl:apply-templates select="Suffix"/>
	</xsl:template>
	
	<xsl:template match="DateOfBirth">
		<xsl:apply-templates select ="DateOfBirth"/>
	</xsl:template>
	
	<xsl:template match ="Address" mode="Address">
		<xsl:apply-templates select ="AddressHeader"/>
		<xsl:apply-templates select="AddressLine"/>
		<xsl:apply-templates select="Town"/>
		<xsl:apply-templates select="County"/>
		<xsl:apply-templates select ="Country"/>
		<xsl:apply-templates select ="Postcode"/>
	</xsl:template>
	
	<xsl:template
match="CommunicationsChannel[@type='Telephone']|CommunicationsChannel[@type=
'Fax']" mode="TelFax">
		<item type="telephone">
			<xsl:attribute name="title">
				<xsl:value-of select="PhoneType"/>
			</xsl:attribute>
			<xsl:attribute name="name">
				<xsl:value-of select="PhoneType"/>
			</xsl:attribute>
			<xsl:attribute name="Cc">
				<xsl:value-of select="CountryCode"/>
			</xsl:attribute>
			<xsl:attribute name="Ac">
				<xsl:value-of select="AreaCode"/>
			</xsl:attribute>
			<xsl:attribute name="Telephone">
				<xsl:value-of select="TelephoneNumber"/>
			</xsl:attribute>
		</item>
	</xsl:template>
	
	<xsl:template match ="CommunicationsChannel[@type='EMail']" mode
="EMail">
		<item type="text">
			<xsl:attribute name="value">
				<xsl:value-of select="EMailAddress"/>
			</xsl:attribute>
		</item>
	</xsl:template>

	<xsl:template match ="Title">
		<item type="text" title="Title" name="Title" size="5"
maxlength="25">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Forename">
		<item type="text" title="First Name" name="Forename"
size="8" maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Middlename">
		<item type="text" title="Middle Name" name="Middlename"
size="8" maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Surname">
		<item type="text" title="Last Name" name="Surname" size="8"
maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Suffix">
		<item type="text" title="Suffix" name="Suffix" size="8"
maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="DateOfBirth">
		<item type="text" title="DateOfBirth" name="DateOfBirth"
size="10" maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="AddressHeader">
		<item type="text" title="House No. / Name"
name="AddressHeader" size="10" maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="AddressLine">
		<item type="text" title="Address" name="AddressLine"
size="20" maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Town">
		<item type="text" title="Town/City" name="Town" size="20"
maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="County">
		<item type="text" title="County" name="County" size="20"
maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Country">
		<item type="text" title="Country" name="Country" size="10"
maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>
	<xsl:template match ="Postcode">
		<item type="text" title="Postcode" name="Postcode" size="10"
maxlength="50">
			<xsl:attribute name="value">
				<xsl:value-of select="."/>
			</xsl:attribute>
		</item>
	</xsl:template>

	</xsl:stylesheet>


XML Document

<?xml version="1.0" encoding="UTF-8"?>
<document xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance";>
	<Policy ref="1" type="Policy" name="MyHousePolicy">
		<QuotationNumber/>
		<PolicyNumber/>
		<Status/>
		<InceptionDate/>
		<PolicyHolder xsi:type="Person">
			<Name>
				<Title/>
				<Forename/>
				<Middlename/>
				<Surname/>
				<Suffix/>
			</Name>
			<DateOfBirth/>
			<Address xsi:type="UKAddress">
				<AddressHeader/>
				<AddressLine/>
				<AddressLine/>
				<Town/>
				<County/>
				<Country/>
				<Postcode/>
			</Address>
			<CommunicationsChannel xsi:type="Telephone"
type="Telephone">
				<PhoneType/>
				<CountryCode/>
				<AreaCode/>
				<TelephoneNumber/>
			</CommunicationsChannel>
		</PolicyHolder>
		<Product ref="HHP9" name="Household" type="HH">
			<ProductNumber>1</ProductNumber>
			<QuotationNumber/>
			<Status>OnRisk</Status>
			<InceptionDate/>
			<Section xsi:type="InsuranceSection" ref="HHS1"
name="Buildings Section" type="BuildingSection">
				<Selected>true</Selected>
				<AssetRef name="Asset1" ref="BSA1"/>
				<SumInsured>
					<Denomination>
						<Name/>
					</Denomination>
					<Amount/>
				</SumInsured>
			</Section>
			<Section xsi:type="InsuranceSection" ref="HHS2"
name="Contents Section" type="ContentsSection">
				<AssetRef name="ContentsAsset" ref="BSA2"/>
				<Selected>true</Selected>
				<SumInsured>
					<Denomination>
						<Name/>
					</Denomination>
					<Amount/>
				</SumInsured>
			</Section>
			<Section xsi:type="InsuranceSection" ref="HHS3"
name="UnspecifiedAllRisks Section" type="UnspecifiedAllRisksSection">
				<AssetRef name="Asset3" ref="BSA3"/>
				<Selected>true</Selected>
				<SumInsured>
					<Denomination>
						<Name/>
					</Denomination>
					<Amount/>
				</SumInsured>
			</Section>
			<Section xsi:type="InsuranceSection" ref="HHS4"
name="SpecifiedItems Section" type="SpecifiedItemsSection">
				<AssetRef name="Asset4" ref="BSA4"/>
				<Selected>true</Selected>
				<SumInsured>
					<Denomination>
						<Name/>
					</Denomination>
					<Amount/>
				</SumInsured>
			</Section>
			<Section xsi:type="InsuranceSection" ref="HHS5"
name="Legal Expenses Section" type="LegalExpensesSection">
				<AssetRef name="Asset5" ref="BSA5"/>
				<Selected/>
				<SumInsured>
					<Denomination>
						<Name/>
					</Denomination>
					<Amount/>
				</SumInsured>
			</Section>
			<Section xsi:type="InsuranceSection" ref="HHS5"
name="PolicyHolderSection" type="PolicyHolderSection">
				<AssetRef name="Asset10" ref="BSA10"/>
				<Selected/>
				<SumInsured>
					<Denomination>
						<Name/>
					</Denomination>
					<Amount>0</Amount>
				</SumInsured>
			</Section>
		</Product>
		<Asset xsi:type="BuildingAsset" name="Building"
type="BuildingAsset" ref="BSA1">
			<AssetDefinitionRef name="BuildingAssetDefinition"
ref="BuildingAssetDef"/>
			<Value>
				<Denomination>
					<Name/>
				</Denomination>
				<Amount/>
			</Value>
			<ReplacementValue>
				<Denomination>
					<Name/>
				</Denomination>
				<Amount/>
			</ReplacementValue>
			<SectionRef name="Section Reference"
ref="BuildingSection"/>
			<Age/>
			<AreaCode/>
			<Listed/>
			<WallConstruction/>
			<AnyStructuresAdded/>
			<FreeFromLandslip/>
			<RoofConstruction/>
			<NearCliff/>
			<HistoryOfSubsidence/>
			<Postcode/>
			<SignsOfSubsidence/>
			<BuildingType/>
			<BuildingModifier/>
			<GoodStateOfRepair/>
			<NoOfBedrooms/>
			<FreeFromFlooding/>
			<SumInsured/>
		</Asset>
		<Asset xsi:type="ContentsAsset" name="Content"
type="ContentAsset" ref="BSA3">
			<AssetDefinitionRef name="ContentAssetDefinition"
ref="ContentAssetDef"/>
			<Value>
				<Denomination>
					<Name/>
				</Denomination>
				<Amount/>
			</Value>
			<ReplacementValue>
				<Denomination>
					<Name/>
				</Denomination>
				<Amount/>
			</ReplacementValue>
			<SectionRef name="Section Reference"
ref="ContentsSection"/>
			<Postcode/>
			<BuildingModifier/>
			<SumInsured/>
			<AreaCode/>
			<Unoccupied/>
			<HolidayHome/>
			<BurglarAlarm/>
			<LeftUnattended/>
			<WindowLocks/>
			<FiveLeverLocks/>
			<BusinessUse/>
			<NeighbourhoodWatch/>
			<PropertyTenanted/>
			<LocksUsed/>
			<FireSmokeAlarm/>
			<PrivateHomeDwelling/>
			<PatioDoorLocks/>
		</Asset>
		<Asset xsi:type="PolicyHolderAsset" name="PolicyHolderAsset"
type="PolicyHolderAsset" ref="BSA10">
			<AssetDefinitionRef
name="PolicyHolderAssetDefinition" ref="PolicyHolderAssetDef"/>
			<Value>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>0</Amount>
			</Value>
			<ReplacementValue>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>0</Amount>
			</ReplacementValue>
			<SectionRef name="Section Reference"
ref="PolicyHolderSection"/>
			<DateOfBirth>1967-01-04T00:00:00.000</DateOfBirth>
			<Occupation>Clerical</Occupation>
			<ClaimsHistory>3</ClaimsHistory>
			<ConvictionHistory>5</ConvictionHistory>
		</Asset>
		<Asset xsi:type="UnspecifiedAllRisks"
name="UnspecifiedAllRisksAsset" type="UnspecifiedAllRisksAsset" ref="BSA3">
			<AssetDefinitionRef
name="UnspecifiedAllRisksAssetDefinition"
ref="UnspecifiedAllRisksAssetDef"/>
			<Value>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>5000</Amount>
			</Value>
			<ReplacementValue>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>5000</Amount>
			</ReplacementValue>
			<Postcode>TN39HU</Postcode>
			<ItemType/>
			<SumInsured>5000</SumInsured>
		</Asset>
		<Asset xsi:type="SpecifiedItem" name="SpecifiedItemAsset"
type="SpecifiedItemAsset" ref="BSA4">
			<AssetDefinitionRef
name="SpecifiedItemAssetDefinition" ref="SpecifiedItemAssetDef"/>
			<Value>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>1500</Amount>
			</Value>
			<ReplacementValue>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>1000</Amount>
			</ReplacementValue>
			<Postcode>TN39HU</Postcode>
			<ItemType>Jewellery</ItemType>
			<SumInsured>1500</SumInsured>
		</Asset>
		<Asset xsi:type="LegalExpenses" name="LegalExpensesAsset"
type="LegalExpensesAsset" ref="BSA5">
			<AssetDefinitionRef
name="LegalExpensesAssetDefinition" ref="LegalExpensesAssetDef"/>
			<Value>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>10000</Amount>
			</Value>
			<ReplacementValue>
				<Denomination>
					<Name>GBP</Name>
				</Denomination>
				<Amount>10000</Amount>
			</ReplacementValue>
			<SumInsured>10000</SumInsured>
		</Asset>
	</Policy>
</document>


**********************************************************************
The information in this E-Mail is confidential and may be
legally privileged. It may not represent the views of 
WebX Limited. It is intended solely for the addressees. 
Access to this E-Mail by anyone else is unauthorised. If you 
are not the intended recipient, any disclosure, copying, 
distribution or any action taken or omitted to be taken in 
reliance on it, is prohibited and may be unlawful.  Any 
unauthorised recipient should advise the sender immediately
of the error in transmission.
**********************************************************************

 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list


Current Thread