Skip to content
This repository has been archived by the owner on Jan 29, 2020. It is now read-only.

Commit

Permalink
Merge branch 'master' into form/select-date
Browse files Browse the repository at this point in the history
  • Loading branch information
@bakura10
bakura10 committed Aug 18, 2012
78 parents 79c38ce + 995e0a7 + bb2d896 + 1b246ad + 211c08a + 164a230 + 1fa8900 + 2b3577e + 495bb6c + ab5c324 + 2e456c8 + 63bff97 + f7e139b + 3cb454e + 22f9181 + 93a693f + 2a458de + 1c142d8 + 7f95140 + be3c33f + 7ab0a73 + 8cb2a33 + 56ac953 + 4157e43 + 0ec8c93 + 4bea232 + 26b2403 + 11d87a1 + fb85298 + 6bda27e + b73658e + 1020b71 + 58956c7 + 4de672f + 79fe77b + 7624c04 + cfbc839 + 49e4d7c + ff81391 + 21cca29 + f0671be + 7c4ff71 + 98d530a + 8d88cc5 + 390535a + 00e3a5a + 1debe09 + 90714d6 + b60de46 + 239a3c3 + 623bc45 + caef534 + 2df5656 + 43268cd + a75eec7 + 2567e8f + ea9335d + 464392f + 7fd0ba3 + 1e64d87 + c8ba509 + ca73950 + c8dc1c3 + bb4f382 + c7e8658 + 7182b57 + 7681cd3 + 9e9880e + e68c740 + a5f5145 + e24bcf7 + 0cf2624 + 74f8e99 + 9dc42d7 + 6918467 + 75ec452 + b74beb0 + 7032642 commit c09dfeb
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 1 deletion.
8 changes: 7 additions & 1 deletion src/Query.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,11 +238,17 @@ public function queryXpath($xpathQuery, $query = null)
} else {
$domDoc = new DOMDocument('1.0', $encoding);
}

$type = $this->getDocumentType();
switch ($type) {
case self::DOC_XML:
$success = $domDoc->loadXML($document);
foreach ($domDoc->childNodes as $child) {
if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
throw new Exception\RuntimeException(
'Invalid XML: Detected use of illegal DOCTYPE'
);
}
}
break;
case self::DOC_HTML:
case self::DOC_XHTML:
Expand Down
14 changes: 14 additions & 0 deletions test/QueryTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -342,4 +342,18 @@ public function testXhtmlDocumentWithXmlAndDoctypeDeclaration()
$this->query->setDocument($xhtmlWithXmlDecl, 'utf-8');
$this->assertEquals(1, $this->query->execute('//p')->count());
}

public function testLoadingXmlContainingDoctypeShouldFailToPreventXxeAndXeeAttacks()
{
$xml = <<<XML
<?xml version="1.0"?>
<!DOCTYPE results [<!ENTITY harmless "completely harmless">]>
<results>
<result>This result is &harmless;</result>
</results>
XML;
$this->query->setDocumentXml($xml);
$this->setExpectedException("\Zend\Dom\Exception\RuntimeException");
$this->query->queryXpath('/');
}
}

0 comments on commit c09dfeb

Please sign in to comment.