XML Editor - Download a Free Trial >
See What's New >
Buy Now >

[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: XSLT 3.0: Question about: Disabling dynamic evalu

Play the video
Subject: Re: XSLT 3.0: Question about: Disabling dynamic evaluation unconditionally
From: "Dimitre Novatchev dnovatchev@xxxxxxxxx" <xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 15 Feb 2015 23:02:47 -0000
Re: XSLT 3.0: Question about: Disabling dynamic evalu
Thank you, Dr. Kay,

> I think the working group therefore felt that (a) there should always be
> a way for users (or system managers) to disable the feature,
> and (b) on some environments, such as mobile devices, the feature might not
be available at all.

Then I think the phrase "and they may disable it unconditionally"
reflects the requirement (b) above.

Is my understanding correct?



--
Cheers,
Dimitre Novatchev



On Sun, Feb 15, 2015 at 1:02 PM, Michael Kay mike@xxxxxxxxxxxx
<xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> As I understand it, there are two kinds of anxiety about xsl:evaluate that
led to these provisions being included in the spec: anxieties that dynamic
XPath evaluate could cause a security risk (through executing untrusted code),
and anxiety about the necessity to include a complete XPath parser in the
execution environment, especially in environments with limited resources such
as mobile or embedded devices. I think the working group therefore felt that
(a) there should always be a way for users (or system managers) to disable the
feature, and (b) on some environments, such as mobile devices, the feature
might not be available at all.
>
> Michael Kay
> Saxonica
> mike@xxxxxxxxxxxx
> +44 (0) 118 946 5893
>
>
>
>
> On 15 Feb 2015, at 17:52, Dimitre Novatchev dnovatchev@xxxxxxxxx
<xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx> wrote:
>
>> Hi,
>> At the end of Section "10.4.4 xsl:evaluate as an optional feature" of
>> the 2nd Last Call of the W3C XSLT 3.0 specification
>>
(http://www.w3.org/TR/2014/WD-xslt-30-20141002/#evaluation-as-optional-featur
e)
>> , the last paragraph says:
>>
>> "Processors that implement xsl:evaluate should provide mechanisms
>> allowing calls on xsl:evaluate to be disabled. Implementations may
>> disable the feature by default, and they may disable it
>> unconditionally."
>>
>> My question is:
>> What is meant here by "they may disable it unconditionally" ?
>>
>> Is this something the XSLT processor decides by itself if a certain
>> kind of event occurs, and does disabling the feature "unconditionally"
>> mean that after the disablement, the feature can never be enabled
>> again?
>>
>> --
>> Cheers,
>> Dimitre Novatchev
Current Thread
<- PreviousIndexNext ->
Re: XSLT 3.0: Question about:, Michael Kay mike@xxx Thread Re: Highlighting changes in a, Manuel Souto Pico te
Re: XSLT 3.0: Question about:, Michael Kay mike@xxx Date Re: Highlighting changes in a, Manuel Souto Pico te
Month

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
XML Editor - Download a 15 Day Free Trial Now >
See What's New in Stylus Studio >
Buy Stylus Studio - XML Editor - Now >
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.