- From: Chimezie Ogbuji <ogbujic@bio.ri.ccf.org>
- Date: Thu, 28 Sep 2006 17:35:01 -0400 (EDT)
- To: GRDDL Working Group <public-grddl-wg@w3.org>
On Thu, 28 Sep 2006, Dan Connolly wrote:

> An XSLT transformation that uses document() has another
> input besides the source document. So the result depends
> not just on the transformation and the source document,
> but also on the resource referenced in the document() function;
> i.e. it depends on what's going on in other parts of the Web.
>
> The GRDDL spec is saying: if you do that, all bets are off!
> i.e. "it is an error" in the sense of "if you do that,
> you have stepped outside the scope of this specification,
> and we don't make any promises about interoperability."
>
> Maybe that's too strong, but it seemed like the conservative
> approach at the time it first occurred to me.

Actually I think the conservative approach is appropriate given the general security [1] issues with the document function - it could facilitate the loading / inclusion of source documents from untrusted domains. It's the same concern with the other linking mechanisms in XSLT that take URIs: xsl:include and xsl:import.

Though perhaps, the less conservative approach would be to allow the 'GRDDL-aware agent' to make a determination relative to a local policy. I.e., give it the same latitude it has in determining which transformations to apply in the first place.

[1] http://windowssdk.msdn.microsoft.com/en-us/library/ms763800.aspx

Chimezie Ogbuji
Lead Systems Analyst
Thoracic and Cardiovascular Surgery
Cleveland Clinic Foundation
9500 Euclid Avenue/ W26
Cleveland, Ohio 44195
Office: (216)444-8593
ogbujic@ccf.org
Received on Thursday, 28 September 2006 21:35:12 UTC
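
As an added example (not part of the original message or of any GRDDL implementation), here is one way a GRDDL-aware agent could apply a local policy to document(), xsl:include and xsl:import before running a transformation. The host names, the allow-list and the sample stylesheet are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urljoin, urlparse

XSL = "{http://www.w3.org/1999/XSL/Transform}"
DOC_LITERAL = re.compile(r"""\bdocument\s*\(\s*(['"])(.*?)\1""")  # literal first argument
DOC_ANY = re.compile(r"\bdocument\s*\(")                          # any document() call

def external_refs(xslt_text, base_uri):
    """List (kind, absolute URI) for each URI-taking construct; URI is None if computed."""
    refs = []
    for el in ET.fromstring(xslt_text).iter():
        if el.tag in (XSL + "include", XSL + "import"):
            refs.append((el.tag[len(XSL):], urljoin(base_uri, el.get("href", ""))))
        for value in el.attrib.values():  # select, test, attribute value templates, ...
            literals = [m.group(2) for m in DOC_LITERAL.finditer(value)]
            refs += [("document", urljoin(base_uri, u)) for u in literals]
            # document(@src) and similar cannot be resolved statically
            refs += [("document", None)] * (len(DOC_ANY.findall(value)) - len(literals))
    return refs

def violations(xslt_text, base_uri, allowed_hosts):
    """References a local policy refuses: dynamic, non-http(s), or host not allow-listed."""
    bad = []
    for kind, uri in external_refs(xslt_text, base_uri):
        parsed = urlparse(uri) if uri else None
        if (parsed is None or parsed.scheme not in ("http", "https")
                or parsed.hostname not in allowed_hosts):
            bad.append((kind, uri))
    return bad

# Constructed sample: hypothetical hosts, not taken from the thread.
BASE = "http://transforms.example/grddl/t.xsl"
ALLOWED = {"transforms.example"}
SAMPLE = """<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
  <xsl:import href="common.xsl"/>
  <xsl:include href="http://other.example/lib.xsl"/>
  <xsl:template match="/">
    <xsl:copy-of select="document('http://other.example/data.xml')/*"/>
    <xsl:copy-of select="document('')/*"/>
    <xsl:copy-of select="document(@src)"/>
  </xsl:template>
</xsl:stylesheet>"""

if __name__ == "__main__":
    for kind, uri in violations(SAMPLE, BASE, ALLOWED):
        print(f"refuse {kind}: {uri or '<computed URI>'}")
```

The check is static and deliberately conservative: a computed document() argument is refused because its target is only known at run time, and a two-argument document() call can change the base URI, so its resolved value is approximate. Included and imported stylesheets would need the same check applied recursively before the transformation is run.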