The XML Schema specification specifies how the schemaLocation attribute can
be used, and how import can be used. Note that the only attribute required
for the import element is the namespace, the location attribute is only a
hint to the processor. The location of the schema need not be specified if
the processor can get it some other way, such as the schemaLocation
attribute or some mechanism specific to the processor (such as the Xerces
externalSchemaLocation property). Similarly, the schemaLocation attribute
is regarded as only a hint to the schema processor -- if the processor has
some other way of obtaining locations, it is allowed to use it and ignore
the schemaLocation attribute.
The designers of the XML Schema spec had in mind various issues of security
and contract adherence in making these provisions. The idea is that
organization B is providing documents to A supposedly in accordance with
some agreement they've made. Org. A will validate the documents with its
known-to-be-secure-and-unaltered copy of the agreed-upon schema, not some
random URL that B might put into the schemaLocation attribute in an effort
to cheat, or a copy that might represent the next version of the agreed-upon
schema which A's processor has not yet been upgraded to handle.
Jeff
----- Original Message -----
From: "Adachi Seiichi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 27, 2003 5:00 AM
Subject: Re: Schema validation using multiple schemas
> Thanks for the explanation on the schema processors. I now understand
> better on how they are implemented and how they work. Is the general
> principle Jeff stated specified in some specification?
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
