sohail_somani
asked on
Validate XML with external DTD *w/o* DOCTYPE reference in XML file
I would like to be able to have an XML string as follows:
<ROOT>
...
</ROOT>
I have defined a DTD for this string which I will be getting via a web service. Now I want to validate this string against my local DTD file and also override any DOCTYPE references that anyone may choose to put in the XML string (they can't if they use my client but if someone malicious gets authenticated and tries something no one has thought of, there is a potential for this web service to compromise a lot of information)
I hope you understand what I mean here.
Basically I want something like this (pseudo-code):
oXML = LoadXML(sXML);
oXML.ValidatingDTD(new FileStreamReader(myLocalDT DFile));
if (oXML.Validate())
... allow ...
else
throw exception ("You bastard, you didnt use my client");
end if
I would prefer examples in C#
Thanks
<ROOT>
...
</ROOT>
I have defined a DTD for this string which I will be getting via a web service. Now I want to validate this string against my local DTD file and also override any DOCTYPE references that anyone may choose to put in the XML string (they can't if they use my client but if someone malicious gets authenticated and tries something no one has thought of, there is a potential for this web service to compromise a lot of information)
I hope you understand what I mean here.
Basically I want something like this (pseudo-code):
oXML = LoadXML(sXML);
oXML.ValidatingDTD(new FileStreamReader(myLocalDT
if (oXML.Validate())
... allow ...
else
throw exception ("You bastard, you didnt use my client");
end if
I would prefer examples in C#
Thanks
Take a look at Terimber XML parser
http://www.terimber.com
http://www.terimber.com
hi sohail, i was just searching the google and came across your article .. would you be able to post one more post on this ? i've an external xml file which i'm trying to validate using an external dtd. the xml file does not have the doctype reference.
System.Xml.XmlTextReader r;
r= new XmlTextReader("C:\\MyFolde r\\Product .xml");
System.Xml.XmlValidatingRe ader v= new XmlValidatingReader(r);
v.Schemas.Add(null,"C:\\My Folder\\Pr oduct.dtd" );
System.Windows.Forms.Messa geBox.Show (v.Schemas .Count.ToS tring());
v.ValidationType=System.Xm l.Validati onType.Sch ema; //options: none, dtd, auto, xdr
v.ValidationEventHandler += new ValidationEventHandler(MyV alidationE ventHandle r);
while (v.Read())
{
}
and it's giving me an error. appreciate your help
- malhar
System.Xml.XmlTextReader r;
r= new XmlTextReader("C:\\MyFolde
System.Xml.XmlValidatingRe
v.Schemas.Add(null,"C:\\My
System.Windows.Forms.Messa
v.ValidationType=System.Xm
v.ValidationEventHandler += new ValidationEventHandler(MyV
while (v.Read())
{
}
and it's giving me an error. appreciate your help
- malhar
ASKER
malhar
I wrote a static class based on an answer I found from somewhere (I dont remember where)Here is what I did:
public class XmlValidator
{
static bool IsValid = true;
private static void CallBack(object sender, ValidationEventArgs args)
{
if (args.Severity==XmlSeverit yType.Erro r)
IsValid = false;
}
// dtdinfo[0] = doctype name
// dtdinfo[1] = path to dtd
// note: dtdinfo is ignored if validation type is not dtd
public static bool Validate(object Xml, string ValidatorPath,ValidationTy pe vt,string[] dtdInfo)
{
XmlTextReader x =null;
XmlValidatingReader v=null;
#if DEBUG
Console.WriteLine("Validat or is a " + vt + " located at " + ValidatorPath);
#endif
if (vt==ValidationType.None)
{
throw new XmlValidationException(Val idatorExce ption.Ille galValidat ionType);
}
IsValid = true;
try
{
if (Xml is StringReader) x = new XmlTextReader((StringReade r)Xml);
else if (Xml is String) x = new XmlTextReader(new StringReader((string)Xml)) ;
if (vt==ValidationType.DTD)
{
XmlParserContext pc = new XmlParserContext(null,null ,dtdInfo[0 ],"",dtdIn fo[1],"",d tdInfo[1], "",
XmlSpace.Default);
x.MoveToContent();
v = new XmlValidatingReader(x.Read OuterXml() ,XmlNodeTy pe.Element ,pc);
v.ValidationType=Validatio nType.DTD;
}
else
{
v = new XmlValidatingReader(x);
v.ValidationType = vt;
v.Schemas.Add(null,new XmlTextReader(new StreamReader(ValidatorPath )));
}
while (v.Read());
}
finally
{
if (v!=null)v.Close();
if (x!=null)x.Close();
}
return IsValid;
}
}
I wrote a static class based on an answer I found from somewhere (I dont remember where)Here is what I did:
public class XmlValidator
{
static bool IsValid = true;
private static void CallBack(object sender, ValidationEventArgs args)
{
if (args.Severity==XmlSeverit
IsValid = false;
}
// dtdinfo[0] = doctype name
// dtdinfo[1] = path to dtd
// note: dtdinfo is ignored if validation type is not dtd
public static bool Validate(object Xml, string ValidatorPath,ValidationTy
{
XmlTextReader x =null;
XmlValidatingReader v=null;
#if DEBUG
Console.WriteLine("Validat
#endif
if (vt==ValidationType.None)
{
throw new XmlValidationException(Val
}
IsValid = true;
try
{
if (Xml is StringReader) x = new XmlTextReader((StringReade
else if (Xml is String) x = new XmlTextReader(new StringReader((string)Xml))
if (vt==ValidationType.DTD)
{
XmlParserContext pc = new XmlParserContext(null,null
XmlSpace.Default);
x.MoveToContent();
v = new XmlValidatingReader(x.Read
v.ValidationType=Validatio
}
else
{
v = new XmlValidatingReader(x);
v.ValidationType = vt;
v.Schemas.Add(null,new XmlTextReader(new StreamReader(ValidatorPath
}
while (v.Read());
}
finally
{
if (v!=null)v.Close();
if (x!=null)x.Close();
}
return IsValid;
}
}
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:
PAQ with points refunded
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
TheLearnedOne
EE Cleanup Volunteer
I will leave the following recommendation for this question in the Cleanup topic area:
PAQ with points refunded
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
TheLearnedOne
EE Cleanup Volunteer
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
http://www.dotnet247.com/247reference/msgs/30/150712.aspx