Re: [xsl] Using xsl:output in browsers, was: Re [xsl] XHTML

Manfred Staudinger wrote:

There is another downside of Sarissa as it uses active-x. In corporate and government networks you will find it frequently disabled. A better solution would have been to use a PI and to load the document into iframes. This way the transformation is not dependent on JS either.

No, this is a misunderstanding of Sarissa. Sarissa makes the interface to XSLT Transformations available in a browser uniform way. IE5 and IE6 happen to use ActiveX for this (as for many many other features, as soon as you manipulate the DOM by script you invoke ActiveX), Sarissa can't help that.

Most companies I've seen, have the security settings quite high, but allow safe ActiveX controls. The reason is simple: almost no HTML enabled help page will work if you disable this, most of microsoft.com will not work and certainly not the windowsupdate.com (which is something administrators visit often). But I agree, it is a downside which is solved in IE7 where no ActiveX is involved anymore.

(as a side note, a potentially much more dangerous control, XMLHttpRequest, is also ActiveX, but does not fall under the same security restrictions because it is invoked differently.... strange world, isn't it?)

Using a PI involves the same ActiveX control, if the company cares for security, it may have disabled this entirely. Furthermore, many people consider it bad practice to show the contents of data when you request the source of a file, but that is a many debated subject.

I could drag on about the unmanageability of using PIs, its lack of parameter passing possibilities, its complete lack of flexibility, the impossibility to use or reuse parts of the result of the transformation, or the transformation objects itself and the extra effort that is needed to make all the pieces of your website work together. In the 'Ajax' community they have understood this and use browser based javascript invoked transformations. But like I said, I could go on and on, but if you know all the drawbacks and if you are willing to pay the extra effort involved, it is quite a stable and save path to go (and not popups about ActiveX, but instead, maybe, popups about cross-frame scripting).

-- Abel

Current Thread
Re: [xsl] Using xsl:output in browsers, was: Re [xsl] XHTML html validation, (continued) Abel Braaksma - Mon, 19 Feb 2007 21:32:21 +0100 M. David Peterson - Mon, 19 Feb 2007 13:51:53 -0700 Robert Koberg - Mon, 19 Feb 2007 16:22:58 -0500 Manfred Staudinger - Mon, 19 Feb 2007 22:40:19 +0100 Abel Braaksma - Mon, 19 Feb 2007 23:27:24 +0100 <= Manfred Staudinger - Tue, 20 Feb 2007 13:38:47 +0100 Robert Koberg - Tue, 20 Feb 2007 08:21:33 -0500 Abel Braaksma - Tue, 20 Feb 2007 14:25:15 +0100 Robert Koberg - Tue, 20 Feb 2007 08:42:00 -0500

Current Thread

Re: [xsl] Using xsl:output in browsers, was: Re [xsl] XHTML html validation, (continued)

<- Previous	Index	Next ->
Re: [xsl] Using xsl:output in brows, Manfred Staudinger	Thread	Re: [xsl] Using xsl:output in brows, Manfred Staudinger
Re: [xsl] Using xsl:output in brows, Manfred Staudinger	Date	Re: [xsl] Using xsl:output in brows, Abel Braaksma
	Month

<-prev [Thread] next->	<-prev [Date] next->
Month Index \| List Home

Re: [xsl] Using xsl:output in browsers, was: Re [xsl] XHTML html validation