[XSL-LIST Mailing List Archive Home]
[By Thread]
[By Date]
Michael Kay wrote:
But this does not mean that the idea is useless or that it cannot be implemented.
You could have a big collection of different XSLT processors on the server
and give anyone anywhere the ability to have their xml docs remotely transformed
with their xslt stylesheets.
The users don't need to have any xslt processor installed on their client computer,
nor will they have any problems in upgrading to the latest versions.
One could create and post for processing from any computer -- even when on vacation,
from an Internet Cafe or while at a conference...
The user can select between MSXML and Saxon 5.4
Dimitre Novatchev.
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
[xsl] RE: Re: Saxon Servlet
|
Subject: [xsl] RE: Re: Saxon Servlet From: owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx (by way of B. Tommie Usdin) Date: Fri, 2 Mar 2001 09:30:29 -0500 |
Date: Thu, 1 Mar 2001 21:38:33 -0800 (PST) From: Dimitre Novatchev <dnovatchev@xxxxxxxxx> Subject: RE: Re: Saxon Servlet To: mhkay@xxxxxxxxxxxx Cc: xsl-list@xxxxxxxxxxxxxxxxxxxxxx MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii
Michael Kay wrote:
> I am having a very simple problem (even though I do not know > how to solve > it :)) with the SaxonServlet provided with the src code > samples. Basically, > I want to pass both my XML source and XSL source as URL's > which are located on a different machine.
There are security reasons why this isn't allowed, someone running a web site doesn't want users to be able to run an arbitrary stylesheet, possibly containing calls on extension functions, on that server.
But this does not mean that the idea is useless or that it cannot be implemented.
You could have a big collection of different XSLT processors on the server
and give anyone anywhere the ability to have their xml docs remotely transformed
with their xslt stylesheets.
The users don't need to have any xslt processor installed on their client computer,
nor will they have any problems in upgrading to the latest versions.
One could create and post for processing from any computer -- even when on vacation,
from an Internet Cafe or while at a conference...
In fact there's an implementation -- the Remote XML Workbench allows clients to post two string parameters, one -- the text of an xml document, the other -- the text of a stylesheet.
The user can select between MSXML and Saxon 5.4
On the server the stylesheet is applied to the xml document and the result string is returned to the client.
It is true that there are serious security issues. They are dealt with by pre-scanning the provided stylesheet with a security checking stylesheet.
Since last August there hasn't been a single security violation. The only problem is that MSXML can crash under deep recursive processing -- I'm really impatient to have this finally fixed in MSXML.
Dimitre Novatchev.
__________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
| Current Thread |
|---|
|
| <- Previous | Index | Next -> |
|---|---|---|
| RE: [xsl] xml:output encoding as i, Michael Kay | Thread | RE: [xsl] xml:output encoding as i, Neil Hunter |
| RE: [xsl] xml:output encoding as i, Julian F. Reschke | Date | RE: [xsl] <xsl:include> and Oracle , Ellis, Graham |
| Month |