xml和xsl结合 --在客户端的实现的安全性问题

djzerotech 2004-10-26 10:34:55
下面的脚本部署在服务器上..用户访问时报安全性问题
但是如果将这个脚本和xml,xsl部署在一起的时候则没有这个问题
请教各位大拿,如果解决这个问题
如果不能解决,各位大拿还有什么好注意将一台机器的xml和另外一台机器的xsl结合起来....
<html>
<body>
<script language="javascript">
// Load XML
var xml = new ActiveXObject("Microsoft.XMLDOM")
xml.async = false
xml.load("http://10.19.99.133:7001/cd_catalog.xml")
// Load the XSL
var xsl = new ActiveXObject("Microsoft.XMLDOM")
xsl.async = false
xsl.load("http://10.19.92.33:8080/cd_catalog.xsl")
// Transform
document.write(xml.transformNode(xsl))
</script>
</body>
</html>

...全文
80 8 打赏 收藏 举报
写回复
8 条回复
切换为时间正序
当前发帖距今超过3年,不再开放新的回复
发表回复
djzerotech 2004-10-26
  • 打赏
  • 举报
回复
谢谢...但是我要的客户端javascript解析
情况是这样的..
我们的xml文件在另外一台服务器上面
我们的xsl和html在weblogic服务上面
用户直接访问html文件....但如上写...ie报安全性错误
vcvj 2004-10-26
  • 打赏
  • 举报
回复
xsl.loadXML( instead of xsl.load
vcvj 2004-10-26
  • 打赏
  • 举报
回复
Functional Area URI Prefix
core http://java.sun.com/jstl/core c


var xsl = new ActiveXObject("Microsoft.XMLDOM")
xsl.async = false
xsl.load("<c:import url="http://10.19.92.33:8080/cd_catalog.xsl"/>");

vcvj 2004-10-26
  • 打赏
  • 举报
回复
Importing Resources
There is a wide variety of resources that a page author might be interested in
including and/or processing within a JSP page. For instance, the example below
shows how the content of the README file at the ftp site of acme.com could be
included within the page.
In the JSP specification, a <jsp:include> action provides for the inclusion of static
and dynamic resources located in the same context as the current page. This is a very
convenient feature that is widely used by page authors.
However, <jsp:include> falls short in flexibility when page authors need to get
access to resources that reside outside of the web application. In many situations,
page authors have the need to import the content of internet resources specified via
an absolute URL. Moreover, as sites grow in size, they may have to be implemented
as a set of web applications where importing resources across web-applications is a
requirement.
<c:import url=”ftp://ftp.acme.com/README”/>
vcvj 2004-10-26
  • 打赏
  • 举报
回复
<c:import>
Import the content of a URL-based resource.
Syntax
Syntax 1: Resource content inlined or exported as a String object
<c:import url=”url” [context=”context”]
[var=”varName”] [scope=”{page|request|session|application}”]
[charEncoding=”charEncoding”]>
optional body content for <c:param> subtags
</c:import>
Syntax 2: Resource content exported as a Reader object
<c:import url=”url” [context=”context”]
varReader=”varReaderName”
[charEncoding=”charEncoding”]>
body content where varReader is consumed by another action
</c:import>
cxz7531 2004-10-26
  • 打赏
  • 举报
回复
为什么要使用html+xml呢?直接用xslt转化xml
djzerotech 2004-10-26
  • 打赏
  • 举报
回复
能不能详细点...以前没有用过...现在又急...谢了
vcvj 2004-10-26
  • 打赏
  • 举报
回复
JSTL: include context from remote;

var xxx="<jstl .... include..../>";
xsl.loadXML(xxx);
相关推荐
发帖
Java

4.9w+

社区成员

Java相关技术讨论
javaspring bootspring cloud 技术论坛(原bbs)
社区管理员
  • Java相关社区
  • 小虚竹
  • 谙忆
加入社区
帖子事件
创建了帖子
2004-10-26 10:34
社区公告
暂无公告