We have AJAX clients that are invoking XPath expressions on persistent object graphs on the server. Pretty cool, but the JXPath ability to invoke methods on the node objects (and arbitrary Java objects) within the XPath expression is a security concern (obviously). Is there a way to turn this feature off so that we only have the core XPath functions available?
Thanks - Paul Copeland --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
