[redland-dev] [Raptor RDF Parsing and Serializing Library 0000296]: Provide a way to avoid calling xsltSetDefaultSecurityPrefs

Mantis Bug Tracker mantis-bug-sender at librdf.org
Mon Mar 30 06:25:44 CEST 2009 

The following issue has been SUBMITTED. 
====================================================================== 
http://bugs.librdf.org/mantis/view.php?id=296 
====================================================================== 
Reported By:                Dave Beckett
Assigned To:                
====================================================================== 
Project:                    Raptor RDF Parsing and Serializing Library
Issue ID:                   296
Category:                   api
Reproducibility:            have not tried
Severity:                   minor
Priority:                   normal
Status:                     new
Parsing/Serializing Syntax: grddl 
====================================================================== 
Date Submitted:             2009-03-30 04:25
Last Modified:              2009-03-30 04:25
====================================================================== 
Summary:                    Provide a way to avoid calling
xsltSetDefaultSecurityPrefs
Description: 
Michael Stahl wrote 2008-09-29 on redland-dev (re Openoffice.org):

...plus, i recently found an additional issue:
raptor's grddl parser's init function calls the libxslt function 
xsltSetDefaultSecurityPrefs, which modifies a global variable in libxslt.
as a result, other parts of our program that use libxslt fail (see [1]).
i'm not sure exactly what to do about this, because i don't know the 
libxslt api. it would be nice if there were some way to set these security

prefs on the actual parsing or transformation function call. no, actually

that would not just be nice, but necessary.
ah, finally found these:
http://xmlsoft.org/XSLT/html/libxslt-security.html#xsltSetCtxtSecurityPrefs
http://xmlsoft.org/XSLT/html/libxslt-transform.html#xsltApplyStylesheetUser
i guess using these would work?

...
[1] http://www.openoffice.org/issues/show_bug.cgi?id=93768

====================================================================== 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-03-30 04:25 Dave Beckett   New Issue                                    
2009-03-30 04:25 Dave Beckett   Parsing/Serializing Syntax => grddl           
======================================================================

More information about the redland-dev mailing list