class XMLSecurity::BaseDocument
Constants
- C14N
- DSIG
- NOKOGIRI_OPTIONS
Public Class Methods
```ruby
# File lib/xml_security.rb, line 50
def self.safe_load_xml(document, check_malformed_doc = true)
  doc_str = document.to_s
  if doc_str.include?("<!DOCTYPE")
    raise StandardError.new("Dangerous XML detected. No Doctype nodes allowed")
  end

  begin
    xml = Nokogiri::XML(doc_str) do |config|
      config.options = self::NOKOGIRI_OPTIONS
    end
  rescue StandardError => error
    raise StandardError.new(error.message)
  end

  if xml.internal_subset
    raise StandardError.new("Dangerous XML detected. No Doctype nodes allowed")
  end

  unless xml.errors.empty?
    raise StandardError.new("There were XML errors when parsing: #{xml.errors}") if check_malformed_doc
  end

  xml
end
```
Safely load the SAML Message XML.

- @param document [REXML::Document] The message to be loaded
- @param check_malformed_doc [Boolean] Enable or disable the check for malformed XML
- @return [Nokogiri::XML] The nokogiri document
- @raise [ValidationError] If there was a problem loading the SAML Message XML
Public Instance Methods
```ruby
# File lib/xml_security.rb, line 93
def algorithm(element)
  algorithm = element
  if algorithm.is_a?(REXML::Element)
    algorithm = element.attribute("Algorithm").value
  end

  algorithm = algorithm && algorithm =~ /(rsa-)?sha(.*?)$/i && $2.to_i

  case algorithm
  when 256 then OpenSSL::Digest::SHA256
  when 384 then OpenSSL::Digest::SHA384
  when 512 then OpenSSL::Digest::SHA512
  else
    OpenSSL::Digest::SHA1
  end
end
```
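The `else` branch of `algorithm` resolves every unrecognized identifier to SHA-1. The following added example (not ruby-saml code) mirrors the string branch of that mapping and sets it beside an explicit allow-list, so the silent fallback can be detected before a signature is accepted. `lenient_digest`, `strict_digest`, `STRICT_DIGESTS`, `silent_sha1_fallbacks` and `SAMPLE_URIS` are hypothetical names, and the sample URIs are constructed inputs.

```ruby
require "openssl"

# Mirrors the string branch of the `algorithm` method shown above:
# anything that is not SHA-256/384/512 resolves to SHA-1.
def lenient_digest(uri)
  bits = uri && (m = uri.match(/(rsa-)?sha(.*?)$/i)) && m[2].to_i
  case bits
  when 256 then OpenSSL::Digest::SHA256
  when 384 then OpenSSL::Digest::SHA384
  when 512 then OpenSSL::Digest::SHA512
  else OpenSSL::Digest::SHA1
  end
end

# Hypothetical allow-list (an assumption of this example, not part of ruby-saml).
STRICT_DIGESTS = {
  "http://www.w3.org/2001/04/xmlenc#sha256"           => OpenSSL::Digest::SHA256,
  "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" => OpenSSL::Digest::SHA256,
  "http://www.w3.org/2001/04/xmldsig-more#sha384"     => OpenSSL::Digest::SHA384,
  "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" => OpenSSL::Digest::SHA384,
  "http://www.w3.org/2001/04/xmlenc#sha512"           => OpenSSL::Digest::SHA512,
  "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" => OpenSSL::Digest::SHA512
}.freeze

# Refuses anything outside the allow-list instead of downgrading it.
def strict_digest(uri)
  STRICT_DIGESTS.fetch(uri) { raise ArgumentError, "Algorithm not allowed: #{uri.inspect}" }
end

# Returns the inputs for which the lenient mapping lands on SHA-1
# although the identifier itself does not name SHA-1.
def silent_sha1_fallbacks(uris)
  uris.select do |uri|
    lenient_digest(uri) == OpenSSL::Digest::SHA1 && uri.to_s !~ /sha-?1\z/i
  end
end

# Constructed sample inputs for this example.
SAMPLE_URIS = [
  "http://www.w3.org/2000/09/xmldsig#sha1",
  "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
  "http://www.w3.org/2001/04/xmldsig-more#md5",
  "http://www.w3.org/2001/04/xmldsig-more#sha224",
  "http://www.w3.org/2007/05/xmldsig-more#sha3-256",
  nil
].freeze

puts silent_sha1_fallbacks(SAMPLE_URIS).map(&:inspect) if __FILE__ == $PROGRAM_NAME
```

The SHA3-256 identifier falls back because `"3-256".to_i` evaluates to `3`, which matches none of the `when` branches.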
```ruby
# File lib/xml_security.rb, line 75
def canon_algorithm(element)
  algorithm = element
  if algorithm.is_a?(REXML::Element)
    algorithm = element.attribute('Algorithm').value
  end

  case algorithm
  when "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
       "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
    Nokogiri::XML::XML_C14N_1_0
  when "http://www.w3.org/2006/12/xml-c14n11",
       "http://www.w3.org/2006/12/xml-c14n11#WithComments"
    Nokogiri::XML::XML_C14N_1_1
  else
    Nokogiri::XML::XML_C14N_EXCLUSIVE_1_0
  end
end
```