Re: "Safe Mode" processing for XSLT

Thanks Norm!

If I understand correctly, then, this existing "safe mode" feature would
allow me to run "safe" XProc pipelines consisting entirely of "safe" steps
including XSLT in its own safe mode, but it does not (currently) allow me
to run individual steps in a safe mode, as part of a larger pipeline which
included unsafe steps?

I do need to be able to read and write files, but I could certainly make
use of that "safe mode" feature to run an extra instance of my XProc
server, with Calabash configured in safe mode, just as a sandbox for
running user-supplied XSLT. My unsafe pipelines could use p:http-request to
request execution of XSLT in the "sandbox" instance of Calabash.


On 3 June 2015 at 01:34, Norman Walsh <> wrote:

> Florent Georges <> writes:
> > On 2 June 2015 at 16:31, Norman Walsh wrote:
> >> Uhm. It forbids all of the fileutils steps, it does seem to attempt to
> >> forbid access to file: URIs, it rejects attempts to instantiate
> >> extension steps (rather crudely), and forbids access to
> >> p;directory-list, p:exec, and p:store.
> >
> >   So that's at the Calabash level itself, isn't it?  Not at the p:xslt
> > level?  Do the same limitations apply (transitively) to p:xslt and
> > p:xquery?
> The standard XSLT and XQuery I/O functions go through the resolver
> which is where the restriction is imposed, so "yes" to a large extent.
> I'm not promising that there isn't some weird Saxon extension function
> that I don't know about that does file I/O directly :-)
>                                         Be seeing you,
>                                           norm
> --
> Norman Walsh
> Lead Engineer
> MarkLogic Corporation
> Phone: +1 512 761 6676

Received on Wednesday, 3 June 2015 04:03:09 UTC