W3C home > Mailing lists > Public > public-grddl-comments@w3.org > January to March 2007

additional tests + security issues

From: Jeremy Carroll <jjc@hpl.hp.com>
Date: Thu, 25 Jan 2007 18:17:04 +0000
Message-ID: <45B8F420.8050305@hpl.hp.com>
To: public-grddl-comments@w3.org
CC: "McBride, Brian" <brian.mcbride@hp.com>

Hi Dan and others

You may be interested in

http://jena.sourceforge.net/test/grddl/

Three of these tests explore security issues.
I would like the jena implementation to refuse to honour the document() 
function at all, and disable some 'unsafe' XSLT2 features.

Unfortunately my code currently is failing those three security tests :(
I think that delays the first release.

I will be adding more tests as needed.

Jeremy
Received on Thursday, 25 January 2007 18:17:39 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:55:02 UTC