[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

RE: What the .... ? Referencing XSL stylesheets across domains

• To: <xml-dev@l...>
• Subject: RE: What the .... ? Referencing XSL stylesheets across domains
• From: "bryan" <bry@i...>
• Date: Thu, 15 Aug 2002 11:08:48 +0200
• Importance: Normal
• In-reply-to: <4F4182C71C1FDD4BA0937A7EB7B8B4C1061BA9B0@r...>

Sebastian  Schnitzenbaumer wrote:
>>Why is it
>>dangerous to load an XSL from somewhere else?

Joshua Allen wrote:
>On the one hand, you could say, "It should treat XSLT processor the
same >way as CSS", but on the other hand you might say "thank heavens
that people >can't take control of my machine by exploiting buffer
overruns in the XSLT >processor."  

I don't think you could say "it should treat XSLT processor the same way
as CSS" what with the possibility to create extensions functions that
use vbscript, javascript, can call com components etc.

By the way, in case anyone didn't see this article:
http://www.theregister.co.uk/content/archive/24815.html

MS downloads wd-xsl to Windows-XP for search. Not the same subject but
somewhat related.

• References:
  • RE: What the .... ? Referencing XSL stylesheets across domains
    • From: "Joshua Allen" <joshuaa@m...>

• Prev by Date: RE: Is XML Ubiquitous yet? (was Re: Pushing SAX events out onto the Web?)
• Next by Date: Re: Pushing SAX events out onto the Web?
• Previous by thread: RE: What the .... ? Referencing XSL stylesheets across domains
• Next by thread: RE: What the .... ? Referencing XSL stylesheets across domains
• Index(es):
  • Date
  • Thread