Lists Home |
Date Index |
"Michael Kay" <firstname.lastname@example.org> writes:
> I see that David's talk mentions the dangers of referring to external
> XSLT stylesheets. Until recently the W3C site provided a servlet which
> would run an XSLT transformation using a user-specified source document
> and stylesheet. By calling external Java methods from the stylesheet,
> you had total access to files on the web server.
> Although W3C have patched their servlet to disallow Java method calls, I
> suspect many others are still doing this.
Just out of interest: How will it handle an XPath including