Lists Home |
Date Index |
> Well, there are other URI schemes than HTTP. For instance, FILE.
Yes the file protocol can be expressed as a URI as in the following example:
file://c:dir1/dir2/doc.xml. It works well within the context of the actual
"document" function (but could be a real security threat is not using in the
proper context). Any other protocol expressed as a single URI and returning
an XML document is OK in the current framework.
Now what about all the other ways to obtain an XML document?
> I personally don't think it's an issue at all. As others pointed out, POST
> may have side effects, so I'm not convinced that it is a good idea to do
> from XSLT.
I expected something better than using an external authority argument
Julian. The simple fact is that if the document function is replaced by
another construct allowing to do such things as an HTTP POST or any other
HTTP based functions like for instance a WEBDAV SEARCH method, then if and
only if the construct is used to fetch an XML document, then, there are no
side effects. The only problem would be to retrieve a document that cannot
be parsed. This problem is also present with the actual "document" function
anyway. So, the answer is: there are no side effects if the construct is
doing what was previously stated (i.e. limited to a document fetch)
In fact, to be really up to date with the basic web methods, such
function/construct would be compatible with IETF messages' structure which
This would allow us to obtain XML documents with WEBDAV, SIP and any other
in progress internet messages protocols.
Didier PH Martin