|
|
|
|
|
|
by zgk7iqea
217 days ago
|
|
|
Very interesting, thanks. One point from one of the linked threads I find particularly puzzling: > I think the issue with XSLT isn't necessarily the size of the attack surface, it's the lack of attention and usage. > I.e. nearly 100% of sites use JS, while 1/10000 of those use XSLT. So all of the engineering energy (rightfully) goes to JS, not XSLT. XSLT is a finished standard. Not everything needs to evolve. If the implementation works and is safe, what speaks against keeping it? |
|
|