Re: "Safe Mode" processing for XSLT

Florent Georges <fgeorges@fgeorges.org> writes:
> Waw, interesting!  Do you have more details about what it does, exactly?

Uhm. It forbids all of the fileutils steps, it does seem to attempt to
forbid access to file: URIs, it rejects attempts to instantiate
extension steps (rather crudely), and forbids access to
p;directory-list, p:exec, and p:store.

That's probably not really enough, but...

                                        Be seeing you,
                                          norm

-- 
Norman Walsh
Lead Engineer
MarkLogic Corporation
Phone: +1 512 761 6676
www.marklogic.com

Received on Tuesday, 2 June 2015 14:32:15 UTC