24521 – xsl:evaluate prohibits use of math and map functions

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 24521 - xsl:evaluate prohibits use of math and map functions

Summary: xsl:evaluate prohibits use of math and map functions

Status:	CLOSED FIXED

Alias:	None

Product:	XPath / XQuery / XSLT
Classification:	Unclassified
Component:	XSLT 3.0 (show other bugs)
Version:	Last Call drafts
Hardware:	PC Windows NT

Importance:	P2 normal
Target Milestone:	---
Assignee:	Michael Kay
QA Contact:	Mailing list for public feedback on specs from XSL and XML Query WGs

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-02-05 17:21 UTC by Abel Braaksma
Modified:	2014-02-22 18:44 UTC (History)
CC List:	1 user (show)

See Also:

Attachments

Description Abel Braaksma 2014-02-05 17:21:19 UTC

Currently, under 10.4.1 Static context for the target expression (http://www.w3.org/TR/xslt-30/#evaluate-static-context), sixth dot, we say:

"Function signatures: All core functions; constructor functions for named simple types included in the in-scope schema definitions; all user-defined functions and accumulator functions present in the containing package provided their visibility is not hidden or private; and an implementation-defined set of extension functions."

In the spec, core functions are defined as the set of functions in the standard function namespace "http://www.w3.org/2005/xpath-functions".

I think this is too strict. I don't see any reason to disallow math functions or map functions.

In addition, I would like to have the ability to limit the range of functions. I.e., I can imagine that implementations would like to prevent usage of doc() and unparsed-text() for obvious security reasons. This, of course, could be a totally implementation defined user option, but it should be possible to have this restriction on by default.

Comment 1 C. M. Sperberg-McQueen 2014-02-12 08:27:28 UTC

We discussed this issue in Prague.

The current definition of 'core functions' appears to need updating to include all the functions in F and O, not just the fn:* functions.  (Constructors may need special attention.)  

On consideration, we leaned toward defining 'core functions' to include fn:* and math:* and map:* and to exclude constructor 'functions' and the op:* pseudo-namespace.

In connection with the last paragraph of the issue, the WG inclined to believe that the right solution would be to specify that the set of available documents is empty, or restricted in some way (e.g. no file: URIs).  It would probably be useful to have a note mentioning this and specifying that implementations are allowed to restrict the dynamic context.

Comment 2 Michael Kay 2014-02-22 18:44:19 UTC

Changes applied:

1: change the definition of core functions to include the math and map namespaces

2: allow processors to restrict the availability of external documents in xsl:evaluate for security reasons.