Id/Idref QName Namespace Support (read-only)#186
Closed
usrlocalben wants to merge 21 commits intoSTIXProject:masterfrom
usrlocalben:idns
Closed
Id/Idref QName Namespace Support (read-only)#186usrlocalben wants to merge 21 commits intoSTIXProject:masterfrom usrlocalben:idns
usrlocalben wants to merge 21 commits intoSTIXProject:masterfrom
usrlocalben:idns
Conversation
id & idref attributes are QNames, so the associated xmlns entries need to be resolved properly. This patches all STIX top-level objects & STIXPackage to read the namespace info from the parser nsmap, and make it available with id/idref as a pair. The api objects from_obj() is modified to retrieve the pair and the namespace is available as id_ns & idref_ns. Read-only -- no write support.
High-level object support for setting the idref_ns. In-memory only -- No serialization support.
Conflicts: stix/campaign/__init__.py stix/coa/__init__.py stix/exploit_target/__init__.py stix/incident/__init__.py stix/indicator/indicator.py stix/threat_actor/__init__.py stix/ttp/__init__.py
Since the idgen namespace settings are at the module-level, they could cause thread-safety issues, depending on the use. This patch moves the idgen gathering up to the to_xml() and out of nsparser, and optional by using the include_idgen=T/F parameter to to_xml. To implement a thread-safe to_xml() call, the caller should disable the include_idgen, and provide the needed namespaces using the ns_dict parameter.
Conflicts: stix/campaign/__init__.py stix/coa/__init__.py stix/core/stix_package.py stix/exploit_target/__init__.py stix/incident/__init__.py stix/indicator/indicator.py stix/threat_actor/__init__.py stix/ttp/__init__.py
During encode(), some write operations are decorated with encode(ExternalEncoding), but others are not. If any unicode strings end up in the non-encoded outputs, the StringIO buffer accumulates a mix of String and Unicode, which it can't handle.
Conflicts: stix/bindings/stix_common.py stix/bindings/stix_core.py stix/core/stix_package.py
Conflicts: stix/base.py stix/utils/nsparser.py
Conflicts: stix/base.py
Contributor
|
This branch has gotten out of date (that's our fault, not yours), and a lot has happened in our namespace code in the mean time. I think it would be easier to reimplement than update this code. Thanks for the contribution @benjamin9999. This is indeed a cool feature! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
(This pull request is more about receiving feedback -- I don't expect this to be merged as-is)
Here is (read-only) support for dereferencing the namespaces for id/idref QNames.
The namespace is read from the nsmap when fetching id/idref, and returned as a (id,namespace) pair.
The high-level object makes this available as id_ns and idref_ns.
It also adds idref_ns as an init parameter for the high-level objects because it's useful in our workflow -- however, it is only an in-memory value.
I can submit the matching patch for python-cybox, but it's the same pattern shown here.