[Toolserver-l] Announcement - XSaLT: XSL/XSLT Simple and Lightweight Tool
Peter Körner
osm-lists at mazdermind.de
Mon Sep 12 11:41:00 UTC 2011
Am 12.09.2011 13:33, schrieb Dr. Trigon:
>>>> from lxml import etree doc = etree.parse(f) xslt_root =
>>>> etree.XML( open(xslt).read() )
>
> so why should there be a problem if the xslt would contain binary
> data (which in fact they would not since I have to upload them... ;)
I think he reffered to "the path of the xslt file" which should be
protected against containing \0 and ither special characters.
> What would be the best / most safe verification? Check for "http" in
> the beginning of the string?
Or prepending http:// if the input doesn't start with http://
Peter
More information about the Toolserver-l
mailing list