Issue: Exception is encountered when viewing XML documents.
Resolution:
To ensure the highest level of security, more restrictive XSLT parsing has been put into place and it will generate an exception whenever a <xsl:include/> tag is present in a style sheet file. Here is an example of this tag, where FileName.xsl is the external .xsl file being referenced:
<xsl:include href=”FileName.xsl”/>
This tag informs the XSLT parser to also parse in any XSL content from the specified external file. In order to avoid generating an exception, all content from any referenced.xsl file needs to be copied into the main style sheet .xsl file used for viewing and the <xsl:include> tag needs to be removed. Care must be taken to transfer any <xsl:includes> references embedded within other referenced .xsl files to the main file as well.
It is recommended to not use <xsl:include> in .xsl files for improved security. While it is not recommended to reference external .xsl files, if your solution requires it, you can override this security feature by using the AllowInsecureExternalXsl key and set it to true. This key must be placed in the Application Server's web.config configuration file under the appSettings node.
<add key="AllowInsecureExternalXsl" value="true" />