>What is the best way to disable extension?
I may be confused, but I don't think we currently have anything architected
for the purpose. Interesting suggestion, and in these days of "paranoia is
not enough" security it's probably worth considering.
I'd suggest posting this into Bugzilla as an Enhancement request. It
shouldn't be particularly hard to code, though there are questions of what
granularity of control is needed and how that is expressed.
(Something similar to redirect is actually built into XSLT 2.0 --
xsl:result-document. I presume you'd want to suppress that too. The working
draft does say that a processor is not required to support the
serialization of result trees, so there's room there for imposing some
controls without violating the spec.)
______________________________________
Joe Kesselman, IBM Next-Generation Web Technologies: XML, XSL and more.
"The world changed profoundly and unpredictably the day Tim Berners Lee
got bitten by a radioactive spider." -- Rafe Culpin, in r.m.filk
