summaryrefslogtreecommitdiff
path: root/doc/plugins/contrib/xslt/discussion.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'doc/plugins/contrib/xslt/discussion.mdwn')
-rw-r--r--doc/plugins/contrib/xslt/discussion.mdwn27
1 files changed, 27 insertions, 0 deletions
diff --git a/doc/plugins/contrib/xslt/discussion.mdwn b/doc/plugins/contrib/xslt/discussion.mdwn
index 9cda02f88..72cce083c 100644
--- a/doc/plugins/contrib/xslt/discussion.mdwn
+++ b/doc/plugins/contrib/xslt/discussion.mdwn
@@ -20,3 +20,30 @@ possible. Can it also read other arbitrary files, run other programs, etc?
> For the second point, I think the main concern would be resource usage. XSLT is a pretty limited language; it can read other XML files, but it can't run other programs so far as I know.
> -- [[KathrynAndersen]]
+
+>> XSLT is, indeed, a Turing-complete programming language.
+ However, [XML::LibXSLT][] provides a set of functions to help
+ to minimize the damage that may be caused by running a random
+ program.
+
+>> In particular, `max_depth ()` allows for the maximum
+ recursion depth to be set, while
+ `read_file ()`, `write_file ()`, `create_dir ()`,
+ `read_net ()` and `write_net ()`
+ are the callbacks that allow any of the possible file
+ operations to be denied.
+
+>> To be honest, I'd prefer for the `read_file ()` callback to
+ only grant access to the files below the Ikiwiki source
+ directory, and for all the `write_`… and
+ …`_net` callbacks to deny the access unconditionally.
+
+>> One more wishlist item: allow the set of locations to take
+ `.xsl` files from to be preconfigured, so that, e. g.,
+ one could allow (preasumably trusted) system stylesheets,
+ while disallowing any stylesheets that are placed on the Wiki
+ itself.
+
+>> — Ivan Shmakov, 2010-03-28Z.
+
+[XML::LibXSLT]: http://search.cpan.org/~PAJAS/XML-LibXSLT/LibXSLT.pm