Re: [Cocoon Users] Re: Xalan and Cocoon gives different result fo r some XSL

[Jason T <l-...@ahab.com>]

On Fri, Sep 22, 2000 at 03:53:08PM -0400, Stephen Zisk wrote:
> 
> Of course, masking the XML source cannot make up for lazy design or poorly 
> implemented security, but exposing the source may be a potential unlocked 
> door for knob twisters.

This is all very true... a careful reading of news reports about hacks
(even in contests) reveals that unprotected or insecurely designed web
applications may be responsible for more site cracks than you'd
normally think.

That being said, you could implement the source viewing extension with
zero programming by using the sample view-source application and one
apache rewrite rule to do the following transformation on the uri: 

/foo/bar.xmls -> /view-source?filename=/docroot/foo/bar.xml

Re: [Cocoon Users] Re: Xalan and Cocoon gives different result fo r some XSL

[Andrew Wat <cs...@cs.ust.hk>]

Hello,

> That being said, you could implement the source viewing extension with
> zero programming by using the sample view-source application and one
> apache rewrite rule to do the following transformation on the uri: 
> 
> /foo/bar.xmls -> /view-source?filename=/docroot/foo/bar.xml

Thanks for this pointer.
 
I think I can conclude that I cannot use the particular XSL that I want
to use (which has the collapsable tree JavaScript effect) unless I
tweak around with view-source XSP to incorporate this particular XSL.

I also thank others pointing out the security issue.

Thanks
Andrew