XSL Maturity?
1 view
Skip to first unread message
jot
Aug 19, 2006, 1:43:05 PM8/19/06
to XSLT
How well is XSL supported in modern browsers? Can I somewhat safely
replace the HTML documents I have today with browser parsed ones or
should the webserver be used to translate/transform the XML?
replace the HTML documents I have today with browser parsed ones or
should the webserver be used to translate/transform the XML?
Wim W.A. ten Brink
Aug 21, 2006, 3:42:59 AM8/21/06
to XS...@googlegroups.com
Keep in mind that if you send XML/XSLT to a browser and the user
selects View/Source, the user will just see the XML contents and not
the source of the HTML page. I think you should consider if this is
desired behaviour or not. It would be desired if there are also other
applications that will extract the XML from your site without
performing any transformations.
My personal preference would be to transform them server-side, though. Even though most modern browsers can do the transformation for you, I prefer to keep the older browsers in mind. Besides, I don't want users to directly see the contents of my XML files. :-)
I even wonder if IE will allow these transformations in the future, since executing transformation means IE has to execute some client-side code. And knowing Microsoft, they will probably work around this problem by just disabling this functionality or popping up a warning that the page wants to execute some possibly insecure code.
Or IE will just allow it, thus causing all kinds of security risks since an XSLT file can contain and execute JavaScript. And if such a script contains some hazardous code...
Anyway, just avoid the possible nasty problems that you can encounter with client-side transformations. It's not worth it.
--
With kind regards,
\/\//\ Wim,
W.A. ten Brink
My personal preference would be to transform them server-side, though. Even though most modern browsers can do the transformation for you, I prefer to keep the older browsers in mind. Besides, I don't want users to directly see the contents of my XML files. :-)
I even wonder if IE will allow these transformations in the future, since executing transformation means IE has to execute some client-side code. And knowing Microsoft, they will probably work around this problem by just disabling this functionality or popping up a warning that the page wants to execute some possibly insecure code.
Or IE will just allow it, thus causing all kinds of security risks since an XSLT file can contain and execute JavaScript. And if such a script contains some hazardous code...
Anyway, just avoid the possible nasty problems that you can encounter with client-side transformations. It's not worth it.
--
With kind regards,
\/\//\ Wim,
W.A. ten Brink
Reply all
Reply to author
Forward
0 new messages