Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support wsdl:import and simplify the node name comparsions (prefix:loca… #1019

Merged
merged 2 commits into from
Feb 20, 2024
Merged

Conversation

zgabi
Copy link

@zgabi zgabi commented Feb 19, 2024

…lnames)

@andersjonsson
Copy link
Collaborator

andersjonsson commented Feb 19, 2024

Please fix the failing test

@zgabi
Copy link
Author

zgabi commented Feb 19, 2024

Ok, please check it now.. Sorry for the bug, I forget to fix 1 thing. Now it should be OK.

@andersjonsson
Copy link
Collaborator

andersjonsson commented Feb 19, 2024

There are also issues in the Code scanning. It doesn't like trusting Xml from an external source

There seems to be more info, and a suggested fix, here
dotnet/roslyn-analyzers#2477

@zgabi
Copy link
Author

zgabi commented Feb 19, 2024

This insecure thing is not a new problem. The affected line for XSD was already there:

string xsdfile = httpContext.Request.Query["name"];

Should I also fix that problem?

@zgabi
Copy link
Author

zgabi commented Feb 19, 2024

Maybe it is caused by the rename (xsdfile => xsdFile)... but in this case it was already there just the CodeQL did not noticed it :)

@zgabi
Copy link
Author

zgabi commented Feb 19, 2024

I added the suggested fix, please check it again.
I also added unit test for the WSDL import.

@andersjonsson andersjonsson merged commit 74b7c26 into DigDes:develop Feb 20, 2024
3 checks passed
@andersjonsson
Copy link
Collaborator

Thanks!

@zgabi zgabi changed the title support wdf:iport and simplify the node name comparsions (prefix:loca… support wsdl:import and simplify the node name comparsions (prefix:loca… Feb 20, 2024
@zgabi
Copy link
Author

zgabi commented Feb 20, 2024

Thank you, too

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants