equal
deleted
inserted
replaced
13 * to license@zend.com so we can send you a copy immediately. |
13 * to license@zend.com so we can send you a copy immediately. |
14 * |
14 * |
15 * @category Zend |
15 * @category Zend |
16 * @package Zend_Soap |
16 * @package Zend_Soap |
17 * @subpackage Server |
17 * @subpackage Server |
18 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) |
18 * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) |
19 * @license http://framework.zend.com/license/new-bsd New BSD License |
19 * @license http://framework.zend.com/license/new-bsd New BSD License |
20 */ |
20 */ |
21 |
21 |
22 /** |
22 /** |
23 * @see Zend_Server_Interface |
23 * @see Zend_Server_Interface |
24 */ |
24 */ |
25 require_once 'Zend/Server/Interface.php'; |
25 require_once 'Zend/Server/Interface.php'; |
|
26 |
|
27 /** @see Zend_Xml_Security */ |
|
28 require_once 'Zend/Xml/Security.php'; |
|
29 |
|
30 /** @see Zend_Xml_Exception */ |
|
31 require_once 'Zend/Xml/Exception.php'; |
26 |
32 |
27 /** |
33 /** |
28 * Zend_Soap_Server |
34 * Zend_Soap_Server |
29 * |
35 * |
30 * @category Zend |
36 * @category Zend |
31 * @package Zend_Soap |
37 * @package Zend_Soap |
32 * @subpackage Server |
38 * @subpackage Server |
33 * @uses Zend_Server_Interface |
39 * @uses Zend_Server_Interface |
34 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) |
40 * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) |
35 * @license http://framework.zend.com/license/new-bsd New BSD License |
41 * @license http://framework.zend.com/license/new-bsd New BSD License |
36 * @version $Id: Server.php 25177 2012-12-22 20:54:18Z rob $ |
42 * @version $Id$ |
37 */ |
43 */ |
38 class Zend_Soap_Server implements Zend_Server_Interface |
44 class Zend_Soap_Server implements Zend_Server_Interface |
39 { |
45 { |
40 /** |
46 /** |
41 * Actor URI |
47 * Actor URI |
727 $xml = $request->__toString(); |
733 $xml = $request->__toString(); |
728 } else { |
734 } else { |
729 $xml = $request; |
735 $xml = $request; |
730 } |
736 } |
731 |
737 |
732 libxml_disable_entity_loader(true); |
|
733 $dom = new DOMDocument(); |
738 $dom = new DOMDocument(); |
734 if(strlen($xml) == 0 || !$dom->loadXML($xml)) { |
739 try { |
|
740 if(strlen($xml) == 0 || (!$dom = Zend_Xml_Security::scan($xml, $dom))) { |
|
741 require_once 'Zend/Soap/Server/Exception.php'; |
|
742 throw new Zend_Soap_Server_Exception('Invalid XML'); |
|
743 } |
|
744 } catch (Zend_Xml_Exception $e) { |
735 require_once 'Zend/Soap/Server/Exception.php'; |
745 require_once 'Zend/Soap/Server/Exception.php'; |
736 throw new Zend_Soap_Server_Exception('Invalid XML'); |
746 throw new Zend_Soap_Server_Exception( |
|
747 $e->getMessage() |
|
748 ); |
737 } |
749 } |
738 foreach ($dom->childNodes as $child) { |
|
739 if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) { |
|
740 require_once 'Zend/Soap/Server/Exception.php'; |
|
741 throw new Zend_Soap_Server_Exception( |
|
742 'Invalid XML: Detected use of illegal DOCTYPE' |
|
743 ); |
|
744 } |
|
745 } |
|
746 libxml_disable_entity_loader(false); |
|
747 } |
750 } |
748 $this->_request = $xml; |
751 $this->_request = $xml; |
749 return $this; |
752 return $this; |
750 } |
753 } |
751 |
754 |