This repository has been archived by the owner on Jan 31, 2020. It is now read-only.

Disable external loading on DOM and Soap components use of DOMDocument
Showing 2 changed files with 6 additions and 2 deletions.
3 changes: 2 additions & 1 deletion src/Server.php
@@ -660,11 +660,12 @@ protected function _setRequest($request)
} else {
$xml = $request;
}

libxml_disable_entity_loader(true);
$dom = new DOMDocument();
if(strlen($xml) == 0 || !$dom->loadXML($xml)) {
throw new Exception\InvalidArgumentException('Invalid XML');
}
libxml_disable_entity_loader(false);
}
$this->request = $xml;
return $this;
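Review bot: The added `libxml_disable_entity_loader(false);` in `_setRequest()` re-enables external entity loading unconditionally instead of restoring the previous setting, so an application that had already disabled it loses that protection once a request has been parsed. On the `Invalid XML` throw path the reset is skipped entirely, which leaves the flag changed for whatever libxml parsing follows. Capture the return value of the first call and restore it on every path, before the exception is raised; the same pattern is used in `Wsdl::__construct()` and `Wsdl::setUri()` in this commit and needs the same treatment. Disabling the loader also does not appear to address internal entity expansion, so rejecting any request that carries a DOCTYPE node would be a sensible extra check. The body of `_setRequest()` starts and ends outside this hunk.

```php
// … unchanged: $xml derived from $request …
$previous = libxml_disable_entity_loader(true);
$dom = new DOMDocument();
$loaded = strlen($xml) != 0 && $dom->loadXML($xml);
// Restore the caller's setting before any exception can leave this method.
libxml_disable_entity_loader($previous);
if (!$loaded) {
    throw new Exception\InvalidArgumentException('Invalid XML');
}
// A SOAP request has no legitimate need for a DOCTYPE; refuse it outright.
foreach ($dom->childNodes as $child) {
    if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
        throw new Exception\InvalidArgumentException('Invalid XML');
    }
}
// … unchanged: $this->request = $xml; return $this; …
```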
5 changes: 4 additions & 1 deletion src/Wsdl.php
@@ -89,13 +89,14 @@ public function __construct($name, $uri, ComplexTypeStrategy $strategy = null, a
xmlns:xsd='http://www.w3.org/2001/XMLSchema'
xmlns:soap-enc='http://schemas.xmlsoap.org/soap/encoding/'
xmlns:wsdl='http://schemas.xmlsoap.org/wsdl/'></definitions>";
libxml_disable_entity_loader(true);
$this->dom = new DOMDocument();
if (!$this->dom->loadXML($wsdl)) {
throw new Exception\RuntimeException('Unable to create DomDocument');
} else {
$this->wsdl = $this->dom->documentElement;
}

libxml_disable_entity_loader(false);
$this->setComplexTypeStrategy($strategy ?: new Wsdl\ComplexTypeStrategy\DefaultComplexType);
}

@@ -135,8 +136,10 @@ public function setUri($uri)
// @todo: This is the worst hack ever, but its needed due to design and non BC issues of WSDL generation
$xml = $this->dom->saveXML();
$xml = str_replace($oldUri, $uri, $xml);
libxml_disable_entity_loader(true);
$this->dom = new DOMDocument();
$this->dom->loadXML($xml);
libxml_disable_entity_loader(false);
}

return $this;
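Review bot: In `setUri()` the result of `$this->dom->loadXML($xml)` is not checked, so if substituting `$uri` into the serialized document produces malformed XML the object silently keeps an empty DOM, whereas the constructor throws in the same situation. In the visible lines `$uri` is spliced into the markup with `str_replace()` as raw text; unless it is escaped or validated earlier in the method (outside this hunk), a value containing `<`, `&` or a quote character can alter the structure of the generated WSDL. Suggest checking the load as the constructor does, `if (!$this->dom->loadXML($xml)) { throw new Exception\RuntimeException('Unable to create DomDocument'); }`, with the entity-loader state restored before the throw, and XML-escaping `$uri` before the replacement.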

0 comments on commit 1c0be41
