Month: May 2006

Just thought I would share a couple of links on XML entity references:

• developerWorks – Tip: Simplify with entity references
• ENTITY declaration
• Entities and XSLT

Nice combined overview of what’s new in the upcoming release 3.2 of the Eclipse IDE at The EclipseZone.

I’m currently doing some work with XML and representing it as HTML in browsers using XSLT by including a reference to a style sheet. To reduce dublicating too much information across the different XML files I produce and use external entity references.

For those that doesn’t know what an external entity reference is let me give a short explanation. Bascially XML allows you to define an entity using the DOCTYPE declaration that may be referenced from within the XML document. A reference to an XML fragment as an entity may be internal (in the document itself) or external (in another file). The below code snippet shows how to reference an external file as an entity:

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE file_contents [
   <!ENTITY external_info SYSTEM "external_info.xml">
   <!ENTITY internal_info "Some internal information">
]>
<file_contents>
   &external_info;
   &internal_info;
</file_contents>

In the above example the &external_info; will be replaced with the contents of the external_info.xml file and &internal_info; will be replaced with “Some internal information” when the file is parsed.

I found one limitation though when using external entity references in that Firefox doesn’t include XML from these external references in the source document for the XSLT transformation (or when previewing the document). This isn’t an issue in Internet Explorer at all so for this particular project it’s nice that the users are on Internet Explorer.

After researching the issue on Google I found an article on developerWorks (XML in Firefox 1.5, Part 2: Basic XML processing) that confirms my findings:

"As far as reading external files, Firefox does not read any external entities at all, whether parameter entities (such as DTDs and DTD fragments) or general entities (external, well-formed XML fragments). <snip /> Support of such external entities does have possible security implications, and possible performance implications, but both have workarounds, and I hope Firefox addresses these limitations soon."

I’m using Firefox 1.5.0.3 on Windows XP Prof. SP2.

As previously posted I had a problems with having multiple startup pages when running with the Tab Mix Plus extension in Firefox. I posted the issue in the extension forum and the issue was fixed in the dev. build. See the message in the forum for a link to the dev. build if you’re interested.

Saw a very interesting post on Java thread synchronization in the Notes/Domino 6 and 7 Forum over at Lotus developerWorks. I see that Julian already posted a reply but he also admits he’s not exactly a subject matter expert. Anyone else who has some information on the subject that they dare to share?

Link to post: Java Thread Synchronization in HTTP JVM

Don’t know if you are aware of this but in Firefox you can open multiple tabs automatically when the browser starts – kind of like homepage on steoroids. You do this by separating the URLs with the pipe character (|) in the list of homepages in the options (on the General tab in ToolsOptions…). I use this a lot if I found some information I do not care bookmarking but I’ll need the next day.

There seems to be a problem with this feature however. When reopening the browser the tabs will not expand and show the page titles (see screenshot below) until I close one tab. After researching a bit it turned out to be caused by the otherwise excellent Tab Mix Plus extension. Disabling the extension removes the issue. Hmm….

The issue is on Firefox 1.5.0.3 and Tab Mix Plus 0.3.0.5 on Windows XP SP2.

Received a nice quote by John Preston of Boston University from my big brother:

“The nicest thing about not planning is that failure comes as a complete surprise and not preceded by a period of worry and depression.”

If you are running RealVNC for remote access you should make sure to upgrade the server software due to a recently discovered critical vulnerability. This is especially true if the VNC machine is available on the standard port and without VPN requirements.

“Using the following method, it is trivial to gain access to any RealVNC server without knowing the password. This allows full control of the target machine, with privilege levels equalling that of the user under which the RealVNC server runs – often full Administrator access on Windows desktops.”

Full article on securityfocus.com: RealVNC 4.1.1 Remote Compromise

“The DSKTOOL.EXE Utility essentially remediates the users desktop icons in a recertification exercise.”

Technote 4004260