Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 469
  • Last Modified:

Encrypt XSL


I'm looking for a solution to protect the xsl from our outsite vendors from seeing it. I'm creating a Java desktop application to do the transform works.

Is there a secure way to encrypt the xsl? I think the XSL can be compiled into a class. I wonder how secure it could be if somebody try to reverse engineer it to get to the source (or close to the original source).

I hope the experts in this field can provide some valuable insight.

I'm open to other suggestion as well. Thank you!


2 Solutions
First thing that comes to mind is: Saxon 8 allows you to precompile stylesheets, making it not easily human readable. Also speeds up the process if you use the same xsl many times.

Alternatively, you could encrypt all your xsl files, and decrypt them in your java application before running the transformations.
owonseedAuthor Commented:
Saxon has limitation on the XSL compilation:

"Stylesheet compilation is not currently supported for schema-aware stylesheets, specifically, for stylesheets that contain an <xsl:import-schema> declaration."

This unfortunately does not allow me to use the Saxon XSL Compilation.

If I encrypt the XSL using java, and decrypt it when I need it, would the decrypted XSL be stored as memory or physical file in local temp folder? My concern is whether a user can look for the decrypted XSL file from the local file system.

- OwonSeed
Geert BormansCommented:
Hi owonseed,

unless you have a schema aware stylesheet (if you do you are basically bound to Saxon)
xsltc would be the first that comes to my mind
(this is java bytecode generated by xalan)


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now