Transforms XML data using an XSLT style sheet.
Assembly: System.Xml (in System.Xml.dll)
The class is an XSLT processor that supports the XSLT 1.0 syntax. It is a new implementation and includes performance gains when compared to the obsolete XslTransform class. The structure of the class is very similar to the XslTransform class. The Load method loads and compiles the style sheet, while the Transform method executes the XSLT transform.
When creating an application that uses the class, you should be aware of the following items and their implications:
XSLT scripting is disabled by default. XSLT scripting should be enabled only if you require script support and you are working in a fully trusted environment.
XSLT style sheets can include references to other files and embedded script blocks. A malicious user can exploit this by supplying you with data or style sheets that when executed can cause your system to process until the computer runs low on resources.
XSLT applications that run in a mixed trust environment can result in style sheet spoofing. For example, a malicious user can load an object with a harmful style sheet and hand it off to another user who subsequently calls the Transform method and executes the transformation.
These security issues can be mitigated by not enabling scripting or the document() function unless the style sheet comes from a trusted source, and by not accepting objects, XSLT style sheets, or XML source data from an untrusted source.
The following example executes a transform and outputs to a file.
The sample uses the following two input files:
<?xml version='1.0'?> <!-- This file represents a fragment of a book store inventory database --> <bookstore> <book genre="autobiography" publicationdate="1981" ISBN="1-861003-11-0"> <title>The Autobiography of Benjamin Franklin</title> <author> <first-name>Benjamin</first-name> <last-name>Franklin</last-name> </author> <price>8.99</price> </book> <book genre="novel" publicationdate="1967" ISBN="0-201-63361-2"> <title>The Confidence Man</title> <author> <first-name>Herman</first-name> <last-name>Melville</last-name> </author> <price>11.99</price> </book> <book genre="philosophy" publicationdate="1991" ISBN="1-861001-57-6"> <title>The Gorgias</title> <author> <name>Plato</name> </author> <price>9.99</price> </book> </bookstore>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> <xsl:template match="bookstore"> <HTML> <BODY> <TABLE BORDER="2"> <TR> <TD>ISBN</TD> <TD>Title</TD> <TD>Price</TD> </TR> <xsl:apply-templates select="book"/> </TABLE> </BODY> </HTML> </xsl:template> <xsl:template match="book"> <TR> <TD><xsl:value-of select="@ISBN"/></TD> <TD><xsl:value-of select="title"/></TD> <TD><xsl:value-of select="price"/></TD> </TR> </xsl:template> </xsl:stylesheet>
If the Load method is called again in one thread while the Transform method is being called in another thread, the object finishes executing the Transform call by continuing to use the old state. The new state is used when the Load method successfully completes.
The Load method is not thread safe when called simultaneously from multiple threads.
Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.