protected function Xml::createDomDocument in Views XML Backend 8

Creates a very forgiving DOMDocument.

Parameters

string $contents: The XML content of the DOMDocument.

Return value

\DOMDocument A new DOMDocument.

1 call to Xml::createDomDocument()

Xml::getXpath in src/Plugin/views/query/Xml.php

Returns the XPath object for this query.

File

src/Plugin/views/query/Xml.php, line 519

Contains \Drupal\views_xml_backend\Plugin\views\query\Xml.

Class

Xml

Views query plugin for an XML query.

Namespace

Drupal\views_xml_backend\Plugin\views\query

Code

protected function createDomDocument($contents) {

  // Try to make the XML loading as forgiving as possible.
  $document = new \DOMDocument();
  $document->strictErrorChecking = FALSE;
  $document->resolveExternals = FALSE;

  // Libxml specific.
  $document->substituteEntities = TRUE;
  $document->recover = TRUE;
  $options = LIBXML_NONET;
  if (defined('LIBXML_COMPACT')) {
    $options |= LIBXML_COMPACT;
  }
  if (defined('LIBXML_PARSEHUGE')) {
    $options |= LIBXML_PARSEHUGE;
  }
  if (defined('LIBXML_BIGLINES')) {
    $options |= LIBXML_BIGLINES;
  }

  // @see http://symfony.com/blog/security-release-symfony-2-0-11-released
  $disable_entities = libxml_disable_entity_loader(TRUE);
  $document
    ->loadXML($contents, $options);

  // @see http://symfony.com/blog/security-release-symfony-2-0-17-released
  foreach ($document->childNodes as $child) {
    if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
      if ($this->livePreview) {
        $this->messenger
          ->setMessage($this
          ->t('A suspicious document was detected.'), 'error');
      }

      // @todo Add more context. The specific view? A link to the page?
      $this->logger
        ->error('A suspicious document was detected.');

      // Overwrite the document to allow processing to continue.
      $document = new \DOMDocument();
      break;
    }
  }
  libxml_disable_entity_loader($disable_entities);
  return $document;
}