Solved

Validate XML with external DTD *w/o* DOCTYPE reference in XML file

Posted on 2003-10-29
6
1,235 Views
Last Modified: 2013-11-19
I would like to be able to have an XML string as follows:

<ROOT>
...
</ROOT>

I have defined a DTD for this string which I will be getting via a web service. Now I want to validate this string against my local DTD file and also override any DOCTYPE references that anyone may choose to put in the XML string (they can't if they use my client but if someone malicious gets authenticated and tries something no one has thought of, there is a potential for this web service to compromise a lot of information)

I hope you understand what I mean here.

Basically I want something like this (pseudo-code):

oXML = LoadXML(sXML);
oXML.ValidatingDTD(new FileStreamReader(myLocalDTDFile));
if (oXML.Validate())
... allow ...
else
  throw exception ("You bastard, you didnt use my client");
end if

I would prefer examples in C#

Thanks
0
Comment
Question by:sohail_somani
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Author Comment

by:sohail_somani
ID: 9644875
0
 
LVL 4

Expert Comment

by:YuriPutivsky
ID: 9647032
Take a look at Terimber XML parser
http://www.terimber.com
0
 
LVL 9

Expert Comment

by:malharone
ID: 9966243
hi sohail, i was just searching the google and came across your article .. would you be able to post one more post on this ? i've an external xml file which i'm trying to validate using an external dtd. the xml file does not have the doctype reference.

System.Xml.XmlTextReader r;
r= new XmlTextReader("C:\\MyFolder\\Product.xml");
System.Xml.XmlValidatingReader v= new  XmlValidatingReader(r);
v.Schemas.Add(null,"C:\\MyFolder\\Product.dtd");
System.Windows.Forms.MessageBox.Show(v.Schemas.Count.ToString());
v.ValidationType=System.Xml.ValidationType.Schema;  //options: none, dtd, auto, xdr
v.ValidationEventHandler += new ValidationEventHandler(MyValidationEventHandler);
while (v.Read())
{

}

and it's giving me an error. appreciate your help

- malhar
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:sohail_somani
ID: 9966835
malhar

I wrote a static class based on an answer I found from somewhere (I dont remember where)Here is what I did:

public class XmlValidator
{
      static bool IsValid = true;

      private static void CallBack(object sender, ValidationEventArgs args)
      {
            if (args.Severity==XmlSeverityType.Error)
                  IsValid = false;
      }

               // dtdinfo[0] = doctype name
               // dtdinfo[1] = path to dtd
               // note: dtdinfo is ignored if validation type is not dtd
      public static bool Validate(object Xml, string ValidatorPath,ValidationType vt,string[] dtdInfo)
      {
            XmlTextReader x =null;
            XmlValidatingReader v=null;
#if DEBUG
            Console.WriteLine("Validator is a " + vt + " located at " + ValidatorPath);
#endif                  
            if (vt==ValidationType.None)
            {
                  throw new XmlValidationException(ValidatorException.IllegalValidationType);
            }
            IsValid = true;

            try
            {
                  if (Xml is StringReader) x = new XmlTextReader((StringReader)Xml);
                  else if (Xml is String) x = new XmlTextReader(new StringReader((string)Xml));

                  if (vt==ValidationType.DTD)
                  {
                        XmlParserContext pc = new XmlParserContext(null,null,dtdInfo[0],"",dtdInfo[1],"",dtdInfo[1],"",
                              XmlSpace.Default);
                        x.MoveToContent();
                        v = new XmlValidatingReader(x.ReadOuterXml(),XmlNodeType.Element,pc);
                        v.ValidationType=ValidationType.DTD;
                  }
                  else
                  {      
                        v = new XmlValidatingReader(x);
                        v.ValidationType = vt;
                        v.Schemas.Add(null,new XmlTextReader(new StreamReader(ValidatorPath)));
                  }                  
                  
                  while (v.Read());
            }
            finally
            {
                  if (v!=null)v.Close();
                  if (x!=null)x.Close();
            }
            return IsValid;
      }
}
0
 
LVL 96

Expert Comment

by:Bob Learned
ID: 10232215
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

PAQ with points refunded

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

TheLearnedOne
EE Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10287397
PAQed, with points refunded (500)

Computer101
E-E Admin
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the sites are being standardized with W3C Web Standards. W3C provides lot of web standard services to the web. They have the web specification, process and documentation for all the web standards. You can apply HTML, CSS and Accessibility st…
Introduction Knockoutjs (Knockout) is a JavaScript framework (Model View ViewModel or MVVM framework).   The main ideology behind Knockout is to control from JavaScript how a page looks whilst creating an engaging user experience in the least …
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question