c# - Unsanitized XML from WebService, How to sanitize -

-

i have "xml" response webservice isn't sanitized. meaning contains illegal characters, special characters, html tags , hexadecimal.

what's best way sanitize response?

here xml example service.

<root>  <response>   <type>e</type>   <code>cmne_00034</code>   <source>cmnq3030</source>   <message>some valid message here.</message>   <detail>error details here     line 114:    endif     line 115:    edit     line 116: else   > line 117:    call lp_accept()    line 118:    return ($status)    line 119: endif     line 120: done<end of module> // invalid here     @ cmnq3030.exec line 117: call lp_accept()    @ gpcsy_run line 5: activate instancename."exec"(  )     @ csyv1000.logon line 159: call gpcsy_run()   </detail>  </response> </root>

i have tried lots of things, creating xmlreader has settings, this.

public xdocument createxmldocument(string content) {     using (var reader = xmlreader.create(new stringreader(content), createxmlreadersettings()))     {         return xdocument.load(reader);     } }  private static xmlreadersettings createxmlreadersettings() {     return new xmlreadersettings { checkcharacters = false }; }

to changing xmldocument xdocument , using encoding.utf8.getbytes before actual reading.

it's unlikely xmlreader, xdocument etc. infrastructure in .net take kindly being asked read , parse badly formed xml.

i recommend pre-processing xml before loading xml objects.

in case above, looks web service returning error message in <detail>...</detail> element should wrapped in cdata this:

<root>  <response>   <type>e</type>   <code>cmne_00034</code>   <source>cmnq3030</source>   <message>some valid message here.</message>   <detail><![cdata[        error details here         line 114:    endif         line 115:    edit         line 116: else       > line 117:    call lp_accept()        line 118:    return ($status)        line 119: endif         line 120: done<end of module> // invalid here         @ cmnq3030.exec line 117: call lp_accept()        @ gpcsy_run line 5: activate instancename."exec"(  )         @ csyv1000.logon line 159: call gpcsy_run()    ]]>   </detail>  </response> </root>

you should able pretty knock parser find, extract , wrap text between end of <detail> tag , start of </detail> tag within <[cdata[ , ]]> tags.

of course, there may other fields in service's xml contain either string data or malformed characters etc. , you'll need find , replace these characters with, example, regular expressions, etc.

once corrected, should have no difficulty loading clean xml xmldocuments/xdocuments etc.

hth.


Comments

Post a Comment

Popular posts from this blog

node.js - Mongoose: Cast to ObjectId failed for value on newly created object after setting the value -

-
this question has answer here: what's mongoose error cast objectid failed value xxx @ path “_id”? 7 answers even though has been asked many times because entity has no valid objectid field. i came across situation objectid set value can casted objectid still error. the schema: var serviceschema = parammongoose.schema({ servicename:{ type: parammongoose.schema.types.objectid , ref: 'servicenames',required:true } }); pseudo code: servicefromdb=new service({servicename:'some name'}); servicefromdb.servicename='000000000000000000000001'; servicefromdb.save(function(paramerror,paramdata){ if(paramerror){ console.log('but but...',servicefromdb,paramerror) } }); the output of code is: but but... { servicename: 000000000000000000000001, _id: 55079a90286f49280364f78b } { [casterror: cast objectid faile...
Read more

gradle error "Cannot convert the provided notation to a File or URI" -

-
i have defined 2 system properties in gradle.properties: systemprop.builddir=build systemprop.cfgdir=build\\cfg and have following task defined in build.gradle: task clean(group:'clean',description:'clean project') << { ant.sequential { delete(dir: system.properties.builddir) mkdir(dir: system.properties.builddir) delete(dir: system.properties.cfgdir) mkdir(dir: system.properties.cfgdir) } } this generates following error: execution failed task ':clean'. > cannot convert provided notation file or uri: {dir=build}. following types/formats supported: - string or charsequence path, e.g 'src/main/java' or '/usr/include' - string or charsequence uri, e.g 'file:/usr/include' - file instance. - uri or url instance. but equivalent block of code not generate error , works expected: task clean(group:'clean',description:'clean project') << { ...
Read more

python - NameError: name 'subprocess' is not defined -

-
i'm trying make rng website: http://jamesdotcom.com/?p=417 . when run following code: captureimage = subprocess.popen( [ "fswebcam", "-r", "356x292", "-d", "/dev/video0", "static.jpg", "--skip", "10" ], stdout=devnull, stderr=devnull) captureimage.communicate() i following error message: nameerror: name 'subprocess' not defined what should do? thanks have imported first? import subprocess captureimage = subprocess.popen(["fswebcam", ...) subprocess included in python standard library since python 2.4. should not necessary install it.
Read more