	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

04/09/2009 at 12:21PM PDT, ID: 24310668

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

9.0

Rendering XML in HTML

Asked by shark1998 in Extensible Markup Language (XML), Asynchronous Javascript and XML (AJAX), JavaScript

Tags: XML, Javascript, AJAX

OK...So I have an XML document that I would like to parse and represent in simple HTML format via AJAX. I have the structure already in place however I am having difficulty showing all sub-elements.

Basically, I have a Vulnerability scan output generated in XML from a Vulnerability scanner called Retina. The XML structure is fine and is structured such as:

- <scanJob>
- <hosts>
+ <host>
<ip>192.168.1.101</ip>
<netBIOSName>N/A</netBIOSName>
<dnsName>LAB-Quack1</dnsName>
<mac>N/A</mac>
<os>Windows Server 2003</os>
- <audit>
<rthID>1226</rthID>
<cve>N/A</cve>
<name>No Remote Registry Access Available</name>
<description>This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed. By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.</fixInformation>
</audit>
- <audit>
<rthID>6799</rthID>
<cve>N/A</cve>
<name>Verify Microsoft Windows Password Complexity</name>
<description>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</fixInformation>
</audit>
- <audit>
<rthID>6798</rthID>
<cve>N/A</cve>
<name>Verify Microsoft Windows Anonymous SID/Name Translation</name>
<description>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</fixInformation>
</audit>
</host>
- <host>
<ip>192.168.1.102</ip>
<netBIOSName>N/A</netBIOSName>
<dnsName>LAB-Quack2</dnsName>
<mac>N/A</mac>
<os>Windows Server 2003</os>
- <audit>
<rthID>1226</rthID>
<cve>N/A</cve>
<name>No Remote Registry Access Available</name>
<description>This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed. By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.</fixInformation>
</audit>
- <audit>
<rthID>6799</rthID>
<cve>N/A</cve>
<name>Verify Microsoft Windows Password Complexity</name>
<description>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</fixInformation>
</audit>
- <audit>
<rthID>6798</rthID>
<cve>N/A</cve>
<name>Verify Microsoft Windows Anonymous SID/Name Translation</name>
<description>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</fixInformation>
</audit>
</host>
- <host>
<ip>192.168.1.103</ip>
<netBIOSName>N/A</netBIOSName>
<dnsName>LAB-Quack3</dnsName>
<mac>N/A</mac>
<os>Windows Server 2003</os>
- <audit>
<rthID>1226</rthID>
<cve>N/A</cve>
<name>No Remote Registry Access Available</name>
<description>This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed. By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.</fixInformation>
</audit>
- <audit>
<rthID>6799</rthID>
<cve>N/A</cve>
<name>Verify Microsoft Windows Password Complexity</name>
<description>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</fixInformation>
</audit>
- <audit>
<rthID>6798</rthID>
<cve>N/A</cve>
<name>Verify Microsoft Windows Anonymous SID/Name Translation</name>
<description>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</description>
<date>03/18/2009</date>
<risk>Information</risk>
<pciLevel>1 (Low)</pciLevel>
<cvssScore>N/A</cvssScore>
<fixInformation>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</fixInformation>
</audit>
</host>
</hosts>
</scanJob>

What I have for the current method of rendering is in the code block below. The problem is that when it renders the HTML, only the first Audit Node(branch, whatever, I am really not sure what its called) is shown and not the additional "Audit" findings under that particular IP address. I am assuming that I need to add another Array, but since I got help with the code in the first place I am not really sure how to implement it. In the future though I would like the generated HTML to list by Vulnerability and group the individual IPs under that particular vulnerability.

Any help would be greatly appreciated. Also, please try not to make too many changes that are a drastic departure from what I already have and if you do can you describe it as much detail as possible. I sincerely appreciate it.

View the Solution FREE for 30 Days

         
           
             1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:

           
           
             <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>Untitled Document</title>
	<script type="text/javascript">
	    function _xml_loadDocument(path) {
	    	var xmlDoc;
			try { // IE
				xmlDoc = new ActiveXObject("Microsoft.XMLDOM");
			}
			catch (ex) {
				try { // Gecko
					xmlDoc = document.implementation.createDocument("","",null);
				}
				catch (ex) {
					alert('Your browser cannot handle this script');
				}
			}
			xmlDoc.async = false;
			xmlDoc.load(path);
			return xmlDoc;
		}
 
		
		//make the table
 
		function renderTableBody(parentElement) {
			var tableEl = parentElement.appendChild(document.createElement('TABLE'));
			tableEl.cellPadding = '10';
			tableEl.style.width = '100%';
 
			var tableBody = tableEl.appendChild(document.createElement('TBODY'));
 
			// Render header cells.
			var headerRow = tableBody.appendChild(document.createElement('TR'));
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'IP';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'DNS Name';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Operating System';			
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'CVE';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Vulnerability Name';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Description';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Risk';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Solution';
			
 
			return tableBody;
		}
		function renderColumn(hostRow, host, name) {
			var lookupNode = host.getElementsByTagName(name)[0];
			if (lookupNode && lookupNode.childNodes[0]) {
				var nodeValue = lookupNode.childNodes[0].nodeValue;
				hostRow.appendChild(document.createElement('TD')).innerHTML = nodeValue;
			}
		}
		function renderhost(tableBody, host) {
			var hostRow = tableBody.appendChild(document.createElement('TR'));
			
 
 
			renderColumn(hostRow, host, 'ip');
			renderColumn(hostRow, host, 'dnsName');
			renderColumn(hostRow, host, 'os');
			renderColumn(hostRow, host, 'cve');
			renderColumn(hostRow, host, 'name');
			renderColumn(hostRow, host, 'description');
			renderColumn(hostRow, host, 'risk');
			renderColumn(hostRow, host, 'fixInformation');
			
		}
 
		function renderXML(path, parentElement) {
			try {
				var xmlDoc = _xml_loadDocument(path);
				var tableBody = renderTableBody(parentElement || document.body);
 
				var xmlhosts = xmlDoc.getElementsByTagName("host");
				for (var i = 0; i < xmlhosts.length; ++i) {
					renderhost(tableBody, xmlhosts[i]);
				}
			}
			catch (ex) {
				alert('Your browser cannot handle this script');
			}
		}
	</script>
</head>
<body onload="renderXML('sampleRetina.xml');">
	
</body>
</html>

           
         

Related Solutions: Rendering XML in HTML and formatting text strings

20090824-EE-VQP-74 - Hierarchy / EE_QW_3_20080625

1. Gertone425,357
2. abel188,021
3. Ray_Pas...140,605
4. BigRat56,555
5. zc245,200
6. Tiggerito42,770
7. cxr37,800
8. mplungjan32,240
9. TheLearn...31,150
10. hielo30,250
11. Dabas23,500
12. blue-genie22,750
13. numberkr...22,100
14. ragi001720,900
15. Christofer...20,100
16. rascalpants19,500
17. CEHJ18,365
18. MogalManic17,375
19. objects17,320
20. mwvisa117,000
21. Adam31416,950
22. CodeCruiser15,400
23. HainKurt13,668
24. sybe13,500
24. alain3413,500

1. Gertone3,464,075
2. rdcpro1,233,081
3. dualsoul477,203
4. hielo288,572
5. b1xml2277,374
6. jkmyoung255,356
7. abel245,013
8. BigRat232,405
9. Ray_Pas...180,641
10. sparkplug170,918
11. carl_tawn168,964
12. Yury_Del...158,196
13. TheLearn...153,272
14. R7AF128,024
15. ramazany...119,659
16. zc2112,600
17. avner107,811
18. kmartin789,236
19. PeterCiuff...85,026
20. kawas79,287
21. BobSiemens77,460
22. blue-genie74,940
23. J_Mak74,646
24. b0lsc0tt73,230
25. mplungjan73,020

Rendering XML in HTML

Asked by shark1998 in Extensible Markup Language (XML), Asynchronous Javascript and XML (AJAX), JavaScript

Tags: XML, Javascript, AJAX

About this solution