You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Scott Cantor (JIRA)" <ji...@apache.org> on 2010/12/07 19:34:13 UTC
[jira] Updated: (SANTUARIO-160) XSLT transformation should not be
canonicalized
[ https://issues.apache.org/jira/browse/SANTUARIO-160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Scott Cantor updated SANTUARIO-160:
-----------------------------------
Fix Version/s: C++ 1.6.0
> XSLT transformation should not be canonicalized
> -----------------------------------------------
>
> Key: SANTUARIO-160
> URL: https://issues.apache.org/jira/browse/SANTUARIO-160
> Project: Santuario
> Issue Type: Bug
> Components: C++
> Affects Versions: C++ 1.5.1
> Environment: Operating System: Windows XP
> Platform: PC
> Reporter: Matej Spiller-Muys
> Assignee: XML Security Developers Mailing List
> Fix For: C++ 1.6.0
>
> Attachments: DSIGTransformXSL.cpp.patch, XSECDomToSafeBuffer.cpp, XSECDomToSafeBuffer.hpp
>
>
> After XSLT transformation, xml security canonicalize it. This is wrong according to standard. User should manually append c14n transfomation.
> From standard:
> The output of this transform is an octet stream. The processing rules for the XSL style sheet or transform element are stated in the XSLT specification [XSLT]. We RECOMMEND that XSLT transform authors use an output method of xml for XML and HTML. As XSLT implementations do not produce consistent serializations of their output, we further RECOMMEND inserting a transform after the XSLT transform to canonicalize the output. These steps will help to ensure interoperability of the resulting signatures among applications that support the XSLT transform. Note that if the output is actually HTML, then the result of these steps is logically equivalent [XHTML].
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.