Le ven 30/04/2004 à 12:11, bry@itnisk.com a écrit : > Concerning my earlier post as to security > problems with the link rel="transform" part > of GRDDL it might be better to have a > defined grddl grammar that would be > interpreted as a literal result element > stylesheet, i.e. > > <grddl xmlns="some url that ends with grddl > probably" Why do you put the result tree in this grddl root element rather than in a rdf:RDF one? > Although this makes the xsl-t less powerful > it does reduce the security concerns (there > are still some but they are rather minor > ones) It does indeed remove the threat of xsl:include and xsl:import. Are there any other security concerns that alleviated by this form? Thanks, Dom -- Dominique Hazaël-Massieux - http://www.w3.org/People/Dom/ W3C/ERCIM mailto:dom@w3.orgReceived on Monday, 3 May 2004 04:29:32 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:14:59 GMT