
Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"

Net Framework.
/// <summary>
/// Creates an XmlDocument from a file, prevents known Xml
/// attacks.
/// </summary>
/// <param name="xmlFile">URI of file containing Xml</param>
/// <returns>Loaded XmlDocument object</returns>
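public XmlDocument SecureXmlFileLoad(string xmlFile)
{
    // Loads the XML found at xmlFile through a locked-down XmlReader and
    // returns the populated XmlDocument. Input that carries a DOCTYPE
    // declaration is rejected with an XmlException instead of being parsed.
    //
    // NOTE(review): the resolver settings below govern references made from
    // inside the document. The xmlFile value itself is still opened by
    // XmlReader.Create, so it should be validated by the caller if it can be
    // influenced by a user.
    XmlReaderSettings readerSettings = new XmlReaderSettings();

    // Prevent entity expansion by refusing DTDs outright. DtdProcessing
    // replaces ProhibitDtd, which is marked obsolete from .NET Framework 4.0
    // onward; on 2.0-3.5 the equivalent setting is ProhibitDtd = true.
    readerSettings.DtdProcessing = DtdProcessing.Prohibit;

    // Prevent external references from being fetched while parsing.
    readerSettings.XmlResolver = null;
    readerSettings.IgnoreProcessingInstructions = true;

    XmlDocument xmlDocument = new XmlDocument();

    // Defence in depth: keep the document object from resolving external
    // resources on its own, independent of the reader configuration.
    xmlDocument.XmlResolver = null;

    // Dispose the reader so the underlying file handle is released as soon
    // as the document is loaded, including when Load throws.
    using (XmlReader xmlReader = XmlReader.Create(xmlFile, readerSettings))
    {
        xmlDocument.Load(xmlReader);
    }

    return xmlDocument;
}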
/// <summary>
/// Creates an XmlDocument from a string containing serialized Xml,
Chapter 5: .Net Security 119
/// prevents known Xml attacks.
/// </summary>
/// <param name="serializedXml">Xml serialized as a string</param>
/// <returns>Loaded XmlDocument object</returns>
public XmlDocument SecureXmlStringLoad(string serializedXml)
{
XmlDocument xmlDocument = new XmlDocument();
XmlReaderSettings readerSettings = new XmlReaderSettings();
readerSettings.ProhibitDtd = true; //Prevent entity expansion
readerSettings.

