- From: Henry S. Thompson <ht@inf.ed.ac.uk>
- Date: Thu, 27 Nov 2008 11:28:51 +0000
- To: public-xml-processing-model-comments@w3.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
My reading of the XSLT 2 spec. (and the way Saxon works) suggest we have
something that at least needs work: xsl:result-document with an
explicit "href" attribute is defined to (try to) write a document to
the specified location. Do we care? Insofar as XSLT processors are
likely to expose some security controls to the user, should we at
least add an option which attempts to expose that control to the
pipeline author? Or should we mandate locking this down unilaterally?
At the very least we need to call attention to this, I think.
ht
- --
Henry S. Thompson, School of Informatics, University of Edinburgh
Half-time member of W3C Team
10 Crichton Street, Edinburgh EH8 9AB, SCOTLAND -- (44) 131 650-4440
Fax: (44) 131 651-1426, e-mail: ht@inf.ed.ac.uk
URL: http://www.ltg.ed.ac.uk/~ht/
[mail really from me _always_ has this .sig -- mail without it is forged spam]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFJLoRzkjnJixAXWBoRAsXYAJ9f+Xv1qW/k6tG4Hq13lkr/D9B+dwCfZxQ4
7RhtoO2Ur504RnhpTuvr4bE=
=4KuM
-----END PGP SIGNATURE-----
Received on Thursday, 27 November 2008 11:29:29 UTC