Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Mark Rittman talks about Fine Grained Access Control"] [Next entry: "New presentation on advanced SQL Injection"]

A good paper about debugging XSLT

I noticed Shay Shmeltzer's blog post about XSLT debugging the other day on - (broken link) orablogs and made a note to have a look. I like to have a look at all things Oracle security related, some general security stuff, Oracle internals and undocumented Oracle and I am always interested in things like debuggers. Debuggers, whilst being incredibly useful for developers of the languages or environments that they are each aimed at are also useful for security researchers. Debuggers often reveal much more information about structure and form than any normal programming, editing or application interface. If you like to know more about an environment a debugger is a great tool for exploring. So when I saw Shay's post titled - (broken link) XSLT Debugging I was interested to read further.

This post leads the reader to a viewlet that shows how to debug an XSLT process with JDeveloper 10.1.3. This is a great webpage that is worth looking at as its very well created and written. It takes you at a reasonable pace through a test session. Nice paper and well worth looking at.