OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] What the .... ? Referencing XSL stylesheets across domains

[ Lists Home | Date Index | Thread Index ]

Sebastian  Schnitzenbaumer wrote:
>>Why is it
>>dangerous to load an XSL from somewhere else?

Joshua Allen wrote:
>On the one hand, you could say, "It should treat XSLT processor the
same >way as CSS", but on the other hand you might say "thank heavens
that people >can't take control of my machine by exploiting buffer
overruns in the XSLT >processor."  

I don't think you could say "it should treat XSLT processor the same way
as CSS" what with the possibility to create extensions functions that
use vbscript, javascript, can call com components etc.

By the way, in case anyone didn't see this article:
http://www.theregister.co.uk/content/archive/24815.html

MS downloads wd-xsl to Windows-XP for search. Not the same subject but
somewhat related.








 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS