- From: Michael Rys <mrys@microsoft.com>
- Date: Thu, 3 Feb 2005 11:29:19 -0800
- To: "Laurens Holst" <lholst@students.cs.uu.nl>
- Cc: <public-qt-comments@w3.org>
It is general practice (and a requirement in my opinion) that fn:doc()/fn:document() should use a URI resolver that provides enough security mechanisms to allow programmers to deal with this issue.

Best regards
Michael

> -----Original Message-----
> From: Laurens Holst [mailto:lholst@students.cs.uu.nl]
> Sent: Thursday, February 03, 2005 12:30 AM
> To: Michael Rys
> Cc: public-qt-comments@w3.org
> Subject: Regarding dynamic execution of expressions & security (Was: Re:
> [F&O] Casting to xs:NOTATION, xs:QName not clarified)
>
> Michael Rys wrote:
> > The problem is that in some implementation environments, dynamic
> > execution of expressions is considered a security risk and it is not
> > clear how this will relate to static typing of the query and some other
> > issues. The WG has decided to not standardize this aspect in this
> > version to gain more experience with the existing language feature and
> > to maybe add it at a later point (vNext).
>
> A small comment regarding the security risk argument: XSLT allows access
> to external documents using the document() function. These document URIs
> are regular strings, which can be taken from the document (and
> frequently are, e.g. when rendering multiple documents based on an XML
> file with a TOC), and are not necessarily limited to local paths. This
> basically allows access to arbitrary external documents and IMHO this is
> a much larger security risk, yet that didn't prevent standardisation.
>
> My 2¢.
>
>
> ~Grauw
>
> --
> Ushiko-san! Kimi wa doushite, Ushiko-san nan da!!
Received on Thursday, 3 February 2005 19:29:43 UTC
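The point both messages circle around is that a document()/fn:doc() href is an attacker-influenced string, so the URI resolver is where the access policy has to live. Below is an added example in Python, not code from this thread, from the working group, or from any XSLT/XQuery processor. It assumes a policy of "only files under the transformation's base directory, plus an optional allowlist of http(s) hosts"; the resolver class, the toy document() loader (load_document), render_toc, demo and the TOC input are all constructed for the example. Real processors expose this hook under their own names (javax.xml.transform.URIResolver in JAXP, lxml's Resolver and XSLTAccessControl); the policy logic below is what such a hook should implement.

```python
"""Constructed example: a restricting URI resolver for document()/fn:doc() hrefs.

Policy: local files under one base directory, plus an optional allowlist of
http(s) hosts. Every other reference is refused before any I/O happens.
"""
import os
import tempfile
import urllib.request
import xml.etree.ElementTree as ET
from pathlib import Path
from urllib.parse import urljoin, urlsplit
from urllib.request import url2pathname


class RestrictedURIResolver:
    """Decides which hrefs a document()/fn:doc() call may dereference."""

    def __init__(self, base_dir, allowed_hosts=()):
        # realpath() so a symlink inside base_dir pointing outside is caught too
        self.base_dir = os.path.realpath(base_dir)
        self.allowed_hosts = frozenset(h.lower() for h in allowed_hosts)

    def resolve(self, href, base_uri):
        """Return a canonical absolute URI for href, or raise PermissionError."""
        # RFC 3986 reference resolution; also removes literal '.'/'..' segments
        absolute = urljoin(base_uri, href)
        parts = urlsplit(absolute)
        scheme = parts.scheme.lower()
        if scheme == "file":
            if parts.netloc not in ("", "localhost"):
                raise PermissionError(f"file URI with a host refused: {href!r}")
            # url2pathname percent-decodes once (so '..%2F..' becomes '../..'),
            # then realpath() canonicalises before the containment check
            path = os.path.realpath(url2pathname(parts.path))
            if os.path.commonpath([self.base_dir, path]) != self.base_dir:
                raise PermissionError(f"path escapes base directory: {href!r}")
            return Path(path).as_uri()
        if scheme in ("http", "https"):
            host = parts.hostname  # already lower-cased by urlsplit
            if host is None or host not in self.allowed_hosts:
                raise PermissionError(f"host not allowlisted: {href!r}")
            return absolute
        raise PermissionError(f"scheme {scheme!r} refused: {href!r}")


def load_document(href, base_uri, resolver):
    """Toy stand-in for document()/fn:doc(): policy first, then fetch and parse."""
    uri = resolver.resolve(href, base_uri)
    parts = urlsplit(uri)
    if parts.scheme == "file":
        with open(url2pathname(parts.path), "rb") as fh:
            data = fh.read()
    else:  # http(s): the host was allowlisted by the resolver
        with urllib.request.urlopen(uri, timeout=10) as resp:
            data = resp.read()
    return ET.fromstring(data)


# Constructed untrusted input: a TOC whose hrefs the stylesheet would pass
# straight to document(). One is legitimate, the rest try to escape.
TOC_XML = b"""<toc>
  <chapter href="chapter1.xml"/>
  <chapter href="../../../etc/passwd"/>
  <chapter href="..%2F..%2Fetc%2Fpasswd"/>
  <chapter href="file:///etc/passwd"/>
  <chapter href="http://evil.example/x.xml"/>
</toc>"""


def render_toc(toc_bytes, base_uri, resolver):
    """Return (titles_loaded, hrefs_refused) for each <chapter href> in the TOC."""
    loaded, refused = [], []
    for chapter in ET.fromstring(toc_bytes).iter("chapter"):
        href = chapter.get("href")
        try:
            loaded.append(load_document(href, base_uri, resolver).findtext("title"))
        except PermissionError:
            refused.append(href)
    return loaded, refused


def demo():
    """Set up a base directory with one real chapter and render the TOC."""
    base_dir = tempfile.mkdtemp()
    with open(os.path.join(base_dir, "chapter1.xml"), "wb") as fh:
        fh.write(b"<chapter><title>Chapter One</title></chapter>")
    base_uri = Path(base_dir, "toc.xml").as_uri()
    return render_toc(TOC_XML, base_uri, RestrictedURIResolver(base_dir))


if __name__ == "__main__":
    titles, refused = demo()
    print("loaded:", titles)
    print("refused:", refused)
```

Two design choices matter here: the check runs on the canonical form (after reference resolution, percent-decoding and realpath), never on the raw string, so encoded and symlinked traversal are caught by the same comparison; and the resolver decides before any fetch happens, so a refused href never reaches the filesystem or the network. With an empty host allowlist, as in demo(), the example performs no network access at all.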