I'm not really worried about security with axkit at this point in time. Although, it would be nice to be able to limit the amount of data that it will accept in a param.
simon
On Friday, February 28, 2003, at 05:21 PM, Kip Hampton wrote:
Third, params passed in via <xsl:param> arguably do not share many of the same risks as raw CGI params in a Perl script (for example). Given XSLT's lack of real side effects, even if the stylesheet author is over-trusting on the params that they ask for, the most a scriptkiddie is likely to achieve is blowing up the transformation for their own request.
-- www.simonwoodside.com -- 99% Devil, 1% Angel
-- anti-spam: do not post this address publicly www.simonwoodside.com -- 99% Devil, 1% Angel
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]