Re: "Safe Mode" processing for XSLT

Florent Georges <fgeorges@fgeorges.org> writes:
> On 2 June 2015 at 16:31, Norman Walsh wrote:
>> Uhm. It forbids all of the fileutils steps, it does seem to attempt to
>> forbid access to file: URIs, it rejects attempts to instantiate
>> extension steps (rather crudely), and forbids access to
>> p;directory-list, p:exec, and p:store.
>
>   So that's at the Calabash level itself, isn't it?  Not at the p:xslt
> level?  Do the same limitations apply (transitively) to p:xslt and
> p:xquery?

The standard XSLT and XQuery I/O functions go through the resolver
which is where the restriction is imposed, so "yes" to a large extent.
I'm not promising that there isn't some weird Saxon extension function
that I don't know about that does file I/O directly :-)

                                        Be seeing you,
                                          norm

-- 
Norman Walsh
Lead Engineer
MarkLogic Corporation
Phone: +1 512 761 6676
www.marklogic.com

Received on Tuesday, 2 June 2015 15:34:59 UTC