OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   RE: [xml-dev] Word 2003 schemas available

[ Lists Home | Date Index | Thread Index ]
  • To: "Murali Mani" <mani@CS.UCLA.EDU>
  • Subject: RE: [xml-dev] Word 2003 schemas available
  • From: "Michael Rys" <mrys@microsoft.com>
  • Date: Tue, 18 Nov 2003 10:52:37 -0800
  • Cc: <xml-dev@lists.xml.org>
  • Thread-index: AcOuAjnYI72W6fk8T5C04/HZHV7gGQAAiHmA
  • Thread-topic: [xml-dev] Word 2003 schemas available

The point regarding PIs is that it is just markup and has no semantics.
Only a processor that sees the PI and understands its target will act on
it. It does not introduce "code" into XML any more or any less than an
element with a specific markup.

For example, for SQL Server 2000 we designed a so called SQLXML
template: an XML file that contains markup with special names that
execute a query against a database. We decided to use a special
namespace and XML elements for giving this information, but
theoretically, we could have used processing-instructions as well. XSLT
processors for example interpret a special PI as an instruction to
transform an XML document containing that PI using the indicated XSLT
transform. Theoretically, XSLT could have chosen an XML element in a
special namespace for doing so. 

There are some trade-offs to be made, but neither approach is more or
less secure per se.

Best regards

> -----Original Message-----
> From: Murali Mani [mailto:mani@CS.UCLA.EDU]
> Sent: Tuesday, November 18, 2003 10:32 AM
> To: Michael Rys
> Cc: xml-dev@lists.xml.org
> Subject: RE: [xml-dev] Word 2003 schemas available
> On Tue, 18 Nov 2003, Michael Rys wrote:
> > [Michael Rys] You mean like the format used in the .doc files? :-)
> >
> > Binary XML in my opinion flies in the face of loosely-coupled
> > interoperability. By adding a "standard" binary XML format (be it
> > based on ASN PER/BER or some other scheme) the interoperability gets
> > bifurcated and the advantage of a single, auditable, interoperable
> > format to be used in loosely-coupled environments disappears. In
> > closely-coupled systems, you can use something else than XML (or a
> > binary format). Since the coupling is closed, you do not need to
> > follow a standard (although there are some reasons why you still may
> > use XML).
> very true, if MS Office wants to define an interface for other
> applications, well and good. Why should we look into the inner
> of MS Office?? But as Len pointed out, there needs to be standard
> format for other cases??
> > [Michael Rys] A processing instruction is just a special form of
> > Markup. The software needs to understand it to do anything with it.
> > if the software understands a dangerous PI, then you may have a
> > security issue, if the software does not understand any PI, then you
> > should not.
> Regarding PIs, however, I am still not convinced totally. If I have a
> latex file and I compile it, all I can get is a dvi file. However,
> are chances of overlooked sideeffects when we have a s/w that
> an XML document..?? the s/w needs to know to handle the PI, but
> Anyways, best, murali.


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS