RE: additional tests + security issues

> 
> You may be interested in
> 
> http://jena.sourceforge.net/test/grddl/
> 

Neat.

> Three of these tests explore security issues.
> I would like the jena implementation to refuse to honour the 
> document() function at all, and disable some 'unsafe' XSLT2 features.

While I think that's an understandable approach it would preclude
documents from referencing external descriptions of the RDF patterns. As
a concrete example, I'm currently mulling over an alternative to
Embedded RDF that allows the specification of markup semantics to be
declared in an external file. The advantages of this approach are
similar to those you get with referencing a single external CSS rather
than having it inline in every document on a site, i.e. reusablity and
seperation of concerns. To support this via GRDDL and XSLT I'd need to
use the document function to access and parse the external metadata
description.


Ian
 
The very latest from Talis
read the latest news at www.talis.com/news 
listen to our podcasts www.talis.com/podcasts 
see us at these events www.talis.com/events 
join the discussion here www.talis.com/forums 
join our developer community www.talis.com/tdn 
and read our blogs www.talis.com/blogs

 
Any views or personal opinions expressed within this email may not be those of Talis Information Ltd. The content of this email message and any files that may be attached are confidential, and for the usage of the intended recipient only. If you are not the intended recipient, then please return this message to the sender and delete it. Any use of this e-mail by an unauthorised recipient is prohibited.
 
 
Talis Information Ltd is a member of the Talis Group of companies and is registered in England No 3638278 with its registered office at Knights Court, Solihull Parkway, Birmingham Business Park, B37 7YB.

Received on Thursday, 25 January 2007 18:53:22 UTC