[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] [no subject]This is in contradiction with the first quotation above, according to which the document() function is one of the "deliberately-excluded XSLT-defined functions" mentioned above, and isn't allowed to be called inside a dynamically-evaluated XPath expression. My questions: =========== 1. Which of the two contradicting texts quoted above is right and which is wrong? 2. Why function calls to doc()/document() referring to non-local store is not mentioned as a security risk? What about sending any data to the remote host, as part of the query component of an URI? And it certainly will be good to remove this contradiction from the next version of the XSLT 3.0 specification. -- Cheers, Dimitre Novatchev
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|