Re: [xml-dev] defining correctness for an XML transformation - how?
- From: "Liam R. E. Quin" <liam@fromoldbooks.org>
- To: "C. M. Sperberg-McQueen" <cmsmcq@blackmesatech.com>, Roger L Costello <costello@mitre.org>
- Date: Thu, 04 Jul 2024 17:18:54 -0400
On Thu, 2024-07-04 at 07:49 -0600, C. M. Sperberg-McQueen wrote:
>
>
> (1) for every Airport_Name element $i in I, there is some name
> element $o in O such that $o has only one child node (a text
> node) and string($o) = normalize-space($i);
>
> (2) for every name element $o in O, there is some Airport_Name
> element $i in I such that string($o) = normalize-space($i).

Often forgotten, and responsible for a great number of security
problems:

(3) there is no other element in O than the wrapper element and
AirportName elements

(4) there is no use of external XML entities in O,
no internal subset, and no additional namespace declarations
(e.g. xsi: to alter where a schema is sought, and possibly
introduce default values)

(5) the output O is well-formed XML

(6) no additional files or resources are consulted or created in
the transformation process

(7) the transformation must complete without using excess memory or
CPU time or other system resources.

In other words, a transformation that handles the data as specified
must not have additional side-effects.

XSLT 2 and later can do things like

    unparsed-text("/etc/passwd") ! replace(., ':.*$', '')

to get a list of registered user accounts on a system, for example.
Running the transformation in a sandbox can limit this.

So, there’s a pragmatic side to correctness often ignored in the
textbooks, partly for simplicity as the closer you get to the edge of
your system, the harder it gets to specify and measure things.
liam
--
Liam Quin, https://www.delightfulcomputing.com/
Available for XML/Document/Information Architecture/XSLT/
XSL/XQuery/Web/Text Processing/A11Y training, work & consulting.
Barefoot Web-slave, antique illustrations: http://www.fromoldbooks.org
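
An added example, not part of the original message: a Python check of an output document O against conditions (3) to (5) above, using the standard library's expat bindings. The wrapper name `airports`, the child name `name` and the sample documents are assumptions constructed for illustration; conditions (6) and (7) concern the run itself and are not covered here.

```python
import xml.parsers.expat

def check_output(xml_bytes, wrapper="airports", child="name"):
    """Return violations of conditions (3)-(5); an empty list means pass.
    The element names are assumed, not taken from the thread."""
    problems, stack = [], []

    def start_doctype(name, sysid, pubid, has_internal_subset):
        # (4): any DOCTYPE can carry an internal subset or external entities
        problems.append("(4) DOCTYPE declaration present")

    def start_element(name, attrs):
        # (3): depth 0 must be the wrapper, depth 1 the child, nothing deeper
        expected = wrapper if not stack else child
        if name != expected or len(stack) > 1:
            problems.append(f"(3) unexpected element <{name}>")
        # (4): namespace processing is off, so xmlns declarations show up here
        for attr in attrs:
            if attr == "xmlns" or attr.startswith("xmlns:"):
                problems.append(f"(4) namespace declaration {attr}")
        stack.append(name)

    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = start_doctype
    parser.StartElementHandler = start_element
    parser.EndElementHandler = lambda name: stack.pop()
    try:
        parser.Parse(xml_bytes, True)
    except xml.parsers.expat.ExpatError as err:
        # (5): expat refuses anything that is not well-formed
        problems.append(f"(5) not well-formed: {err}")
    return problems

# Constructed sample outputs: one clean, one per violated condition.
SAMPLES = {
    "good": b"<airports><name>Logan Intl</name><name>Heathrow</name></airports>",
    "doctype": b'<!DOCTYPE airports [<!ENTITY e "x">]>'
               b"<airports><name>&e;</name></airports>",
    "xsi": b'<airports xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'
           b"<name>A</name></airports>",
    "extra": b"<airports><name>A</name><script>x</script></airports>",
    "broken": b"<airports><name>A</airports>",
}

if __name__ == "__main__":
    for label, doc in SAMPLES.items():
        print(label, check_output(doc) or "ok")
```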