Hi Timo,
XalanC does not support the redirect extension. In fact it does not
support extension elements period.
It only supports extension functions, which you can read about in the
documentation.
Note that we are pushing the use of the Xalan.exe over testxslt.exe because
it's a simplified interface that
strictly uses the XalanTransformer class. However, both of those command
line executable's
support a output option, but that feature is quite different from the
redirect extension found with XalanJ.
Paul
timo harmo
<[EMAIL PROTECTED] To:
[email protected]
nki.fi> cc: (bcc: Paul
Dick/Cambridge/IBM)
Subject: secure mode / redirect
02/27/2002 10:30
AM
I just found out in comp.text.xml that xalan has a Redirect-extension.
(thread "1 input -> 3 outputs")
I'm writing a "cgi-frontend" that allows users to submit forms / files,
transforms the cgi-form variables to xml and lets users specify a
stylesheet to apply to that xml-file. I'd like to be sure that calling
testxslt -in xml_genatered_from_cgi-input -out somethingthatIallow.htm
-xsl anyfileanywhere.xsl
would only be able to write to the file I have allowed.
Are there other things besides Redirect that may be problematic in in
cgi-settings in xalan and should be disabled for some applications?
I think there could be also others that would like a "secure mode" for
xalan.
I use the C-version, and do not have a c-compiler.
-Timo
