Commit scripts, op scripts, event scripts, and SNMP scripts can be written in Extensible Stylesheet Language Transformations (XSLT), which is a standard for processing Extensible Markup Language (XML) data. XSLT is developed by the World Wide Web Consortium (W3C) and is accessible at http://www.w3c.org/TR/xslt .
XSLT is a natural match for Junos OS, with its native XML capabilities. XSLT performs XML-to-XML transformations, turning one XML hierarchy into another. It offers a great degree of freedom and power in the way in which it transforms the input XML, allowing everything from making minor changes to the existing hierarchy (such as additions or deletions) to building a completely new document hierarchy.
Because XSLT was created to allow generic XML-to-XML transformations, it is a natural choice for both inspecting configuration syntax (which Junos OS can easily express in XML) and for generating errors and warnings (which Junos OS communicates internally as XML). XSLT includes powerful mechanisms for finding configuration statements that match specific criteria. XSLT can then generate the appropriate XML result tree from these configuration statements to instruct the Junos OS user-interface (UI) components to perform the desired behavior.
Although XSLT provides a powerful scripting ability, its focus is specific and limited. It does not make Junos OS vulnerable to arbitrary or malicious programmers. XSLT restricts programmers from performing haphazard operations, such as opening random Transmission Control Protocol (TCP) ports, forking numerous processes, or sending e-mail. The only action available in XSLT is to generate XML, and the XML is interpreted by the UI according to fixed semantics. An XSLT script can output only XML data, which is directly processed by the UI infrastructure to allow only the specific abilities listed above—generating error, warning, and system log messages, and persistent and transient configuration changes. This means that the impact of commit scripts, op scripts, event scripts, and SNMP scripts on the device is well-defined and can be viewed inside the command-line interface (CLI), using commands added for that purpose.
XSLT is a language for transforming one XML document into another XML document. The basic model is that an XSLT engine (or processor) reads a script (or style sheet) and an XML document. The XSLT engine uses the instructions in the script to process the XML document by traversing the document’s hierarchy. The script indicates what portion of the tree should be traversed, how it should be inspected, and what XML should be generated at each point. For commit scripts, op scripts, event scripts, and SNMP scripts, the XSLT engine is a function of the Junos OS management process (mgd).
Figure 1 shows the relationship between an XSLT commit script and the XSLT engine.
XSLT has seven basic concepts. These are summarized in Table 1.
Table 1: XSLT Concepts
Expression syntax for specifying a node in the input document
Mechanism for mapping input hierarchies to instructions that handle them
Mechanism for passing arguments to templates
Mechanism for defining read-only references to nodes
Mechanism for defining logic in XSLT
Mechanism by which templates call themselves to facilitate looping
Node currently being inspected in the input document