XML

Latest news on xml

XML Parser (XML to array)

Package: XML Parser (XML to array) Summary: Build an array with a XML document structure Groups: XML Author: Eren Ezgü Description: This class can be used to build an array with a XML document structure It takes a XML document as a single text string and parses it to build a document structure as nested array. The structure array is stored in a class variable.

XML Signature Best Practices First Public Draft

2008-11-17: The XML Security Working Group has published the First Public Working Draft of XML Signature Best Practices. This document collects best practices for implementors and users of the XML Signature specification. Most of these best practices are related to improving security and mitigating attacks, yet others are for best practices in the practical use of XML Signature, such as signing XML that doesn't use namespaces, for example. Learn more about the Security Activity. (Permalink)

Vuln: Microsoft XML Core Services DTD Cross Domain Information Disclosure Vulnerability

Microsoft XML Core Services DTD Cross Domain Information Disclosure Vulnerability

W3C Publishes XML Signature Best Practices First Public Draft

2008-11-14: The XML Security Working Group has published the First Public Working Draft of XML Signature Best Practices. The XML Signature specification offers powerful and flexible mechanisms to support a variety of use cases. This flexibility has the downside of increasing the number of possible attacks. One countermeasure to the increased number of threats is to follow best practices, including a simplification of the use of XML Signature where possible. This document outlines best practices noted by the XML Security Specifications Maintenance Working Group, the XML Security Working Group, and other ideas cited at the Workshop on Next Steps for XML Security. While most of these best practices are related to improving security and mitigating attacks, yet others are for best practices in the practical use of XML Signature, such as signing XML that doesn't use namespaces. Learn more about the Security Activity. (Permalink)

ubNode

Package: ubNode Summary: Convert objects into XML and vice-versa Groups: Data types, PHP 5, XML Author: Reynier Blanco Description: This class can be used to convert objects into XML documents and vice-versa. It can take an object and generate a XML document file that contains a representation of the object structure. The class can also do the opposite, i.e. load a XML document file and create an object from the structured defined in the XML document.

Vuln: Microsoft XML Core Services Transfer Encoding Cross Domain Information Disclosure Vulnerability

Microsoft XML Core Services Transfer Encoding Cross Domain Information Disclosure Vulnerability

Vuln: Microsoft XML Core Services Race Condition Memory Corruption Vulnerability

Microsoft XML Core Services Race Condition Memory Corruption Vulnerability

Note: Legacy extended IRIs for XML resource identification

2008-11-07: The XML Core Working Group has published the Group Note of Legacy extended IRIs for XML resource identification. For historic reasons, some formats have allowed variants of IRIs that are somewhat less restricted in syntax, for example XML system identifiers and W3C XML Schema anyURIs. This document provides a definition and a name (Legacy Extended IRI or LEIRI) for these variants for easy reference. These variants have to be used with care; they require further processing before being fully interchangeable as IRIs. New protocols and formats should not use Legacy Extended IRIs. Learn more about the Extensible Markup Language (XML) Activity. (Permalink)

XML Feed

Whoops. Forgot to note, since I am personally a Feedreader addict, I set up an XML feed for you guys also. Here it is: http://feeds.feedburner.com/CollectiblesToday

Adding Basic HTTP Authentication to XML-RPC Class From Zend Framework

Ever since Zend came out with their PHP 5 framework a year or so ago (or was it further back than that?), I've been wanting to try it out. I've been stuck in PHP-4-land for so long. PHP 4 had been oodles of fun, and an extremely useful tool - yet I kept doing things like buying Adam Trachtenberg's Upgrading to PHP 5 book, or reading articles on Sitepoint about new features in PHP 5. I think back now, and Adam's book was published in July of 2004 - 2004! Where did the last two years go? While 2006 is mostly a blur, the excitement of PHP 5 is still fresh and crisp in my mind.After hearing Nate Abele trash the Zend Framework at last week's NYPHP meeting, I felt a strange urge to go out and try it for myself. It reminded me of the School of Visual Arts's recent Subway campaign: "How bad do you want to be good?", except it was more like "How bad do you want to be bad?". "Very baaad!" was my answer. After hearing how it was "the Windows Vista of the PHP world" (I know I got that quote wrong, but it was something to that effect) I wanted to see what this bad-boy framework was all about.I read through the online documentation, and came across the XML-RPC package. I wanted to try it out with an XML-RPC app I'd build more than a year ago, but it did not have any methods to support basic HTTP Authentication, which this app needed.I did a bit of research, and a bit of coding, and here's my result:http://www.moztips.com/code/zendfw/xmlrpc/Client_src.phpIn case you're wondering what I changed:I added the _username and _password class variables, I added the setCredentials() method, and I modified the _sendRequest function to supply the right 'Authorization' header in case a username was set.I did a basic test, and it worked. Hooray! Let me know if it works for you too. PS: If I keep up the rate I'm updating this site, you can expect another entry next March! (Just kidding - I plan to update it more often.)