From 3ca05b15d6c47446e89128b405b9ffce8a418a3c Mon Sep 17 00:00:00 2001
From: "http://kerravonsen.dreamwidth.org/"
 <http://kerravonsen.dreamwidth.org/@web>
Date: Tue, 1 Dec 2009 18:30:25 -0500
Subject: [PATCH] reply to comment

---
 doc/plugins/contrib/xslt/discussion.mdwn | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/plugins/contrib/xslt/discussion.mdwn b/doc/plugins/contrib/xslt/discussion.mdwn
index a549681de..3288150a4 100644
--- a/doc/plugins/contrib/xslt/discussion.mdwn
+++ b/doc/plugins/contrib/xslt/discussion.mdwn
@@ -14,3 +14,9 @@ this be used to attack the server where it is built? I know that xslt is
 really a full programming language, so I assume at least DOS attacks are
 possible. Can it also read other arbitrary files, run other programs, etc?
 --[[Joey]] 
+
+> For the first point, agreed.  It should probably check that the data file has a `.xml` extension also.  Will fix soon.
+
+> For the second point, I think the main concern would be resource usage.  XSLT is a pretty limited language; it can read other XML files, but it can't run other programs so far as I know.
+
+> -- [[KathrynAndersen]]
-- 
2.32.0.93.g670b81a890