Zend Framework  1.12
Static Public Member Functions | Public Attributes | Static Protected Member Functions | List of all members
Zend_Xml_Security Class Reference

Static Public Member Functions

static loadXmlErrorHandler ($errno, $errstr, $errfile, $errline)
 
static scan ($xml, DOMDocument $dom=null)
 Scan XML string for potential XXE and XEE attacks.
 
static scanFile ($file, DOMDocument $dom=null)
 Scan XML file for potential XXE/XEE attacks.
 
static isPhpFpm ()
 Return true if PHP is running with PHP-FPM.
 

Public Attributes

const ENTITY_DETECT = 'Detected use of ENTITY in XML, disabled to prevent XXE/XEE attacks'
 

Static Protected Member Functions

static heuristicScan ($xml)
 Heuristic scan to detect entity in XML.
 

Member Function Documentation

static heuristicScan (   $xml)
staticprotected

Heuristic scan to detect entity in XML.

Parameters
string$xml
Exceptions
Zend_Xml_Exception
static isPhpFpm ( )
static

Return true if PHP is running with PHP-FPM.

Returns
boolean
static loadXmlErrorHandler (   $errno,
  $errstr,
  $errfile,
  $errline 
)
static
Parameters
integer$errno
string$errstr
string$errfile
integer$errline
Returns
bool
static scan (   $xml,
DOMDocument  $dom = null 
)
static

Scan XML string for potential XXE and XEE attacks.

Parameters
string$xml
DomDocument$dom
Exceptions
Zend_Xml_Exception
Returns
SimpleXMLElement|DomDocument|boolean
static scanFile (   $file,
DOMDocument  $dom = null 
)
static

Scan XML file for potential XXE/XEE attacks.

Parameters
string$file
DOMDocument$dom
Exceptions
Zend_Xml_Exception
Returns
SimpleXMLElement|DomDocument

Member Data Documentation

const ENTITY_DETECT = 'Detected use of ENTITY in XML, disabled to prevent XXE/XEE attacks'
Generated by   doxygen 1.8.3