<quote who="Mark Johnson" date="Tue, Jun 28, 2005 at 05:33:25PM -0400"> > W. Borgert wrote: > > >We just need to change the default values, so that people using no > >customisation XSL stuff do not have to have net access. > > > >E.g. for xhtml, we have to change for lines: > > > >css.xsl, line 28 > >graphics.xsl, line 28 > >jscript.xsl, line 26 > >params.xsl, line 42 > > > >Similar for html, don't know about fo. > > Hi Wolfgang, > > I'm not sure I understand what you're proposing. I looked at > xhtml/graphics.xsl (V1.68.1) and couldn't figure out what you mean exactly. > Can you elaborate? > > FWIW, this point has been argued a number of times. I'm of the > opinion that the packages should be configured so that they "just > work" for the largest subset of users - people who don't use xml > catalogs, in this case. However, there are those who feel quite > strongly the other way, e.g. that the sourceforge url should get > mapped to a local file via the xml catalog system. (this assumes > that one is using a catalog-aware parser/processor.)
AIUI, XSL is quite powerful and can do some pretty invasive things on a system, right? It is absolutely wrong to import code, untested and unchecked, from the Internet and run it on a users machine without asking them or even telling them. You can't trust code of the network. This behavior is *extremely* inconvenient for people working offline and dangerous for people working online. This package can have the correct dependencies so that it just works. Regards, Mako -- Benjamin Mako Hill [EMAIL PROTECTED] http://mako.cc/
signature.asc
Description: Digital signature
