diff -r 5e7a0fedabdf -r 877f952ae2bd web/lib/Zend/Soap/Server.php
--- a/web/lib/Zend/Soap/Server.php	Thu Mar 21 17:31:31 2013 +0100
+++ b/web/lib/Zend/Soap/Server.php	Thu Mar 21 19:50:53 2013 +0100
@@ -15,7 +15,7 @@
  * @category   Zend
  * @package    Zend_Soap
  * @subpackage Server
- * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 
@@ -31,9 +31,9 @@
  * @package    Zend_Soap
  * @subpackage Server
  * @uses       Zend_Server_Interface
- * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  * @license    http://framework.zend.com/license/new-bsd     New BSD License
- * @version    $Id: Server.php 22223 2010-05-21 08:06:47Z jan $
+ * @version    $Id: Server.php 25177 2012-12-22 20:54:18Z rob $
  */
 class Zend_Soap_Server implements Zend_Server_Interface
 {
@@ -86,7 +86,13 @@
      */
     protected $_wsdlCache;
 
-
+    /**
+     * WS-I compliant
+     * 
+     * @var boolean 
+     */
+    protected $_wsiCompliant;
+    
     /**
      * Registered fault exceptions
      * @var array
@@ -217,6 +223,9 @@
                 case 'cache_wsdl':
                     $this->setWsdlCache($value);
                     break;
+                case 'wsi_compliant':
+                    $this->setWsiCompliant($value);
+                    break;
                 default:
                     break;
             }
@@ -253,17 +262,42 @@
             $options['uri'] = $this->_uri;
         }
 
-        if(null !== $this->_features) {
+        if (null !== $this->_features) {
             $options['features'] = $this->_features;
         }
 
-        if(null !== $this->_wsdlCache) {
+        if (null !== $this->_wsdlCache) {
             $options['cache_wsdl'] = $this->_wsdlCache;
         }
 
+        if (null !== $this->_wsiCompliant) {
+            $options['wsi_compliant'] = $this->_wsiCompliant;
+        }
+        
         return $options;
     }
-
+    /**
+     * Set WS-I compliant
+     * 
+     * @param  boolean $value
+     * @return Zend_Soap_Server 
+     */
+    public function setWsiCompliant($value)
+    {
+        if (is_bool($value)) {
+            $this->_wsiCompliant = $value;
+        }
+        return $this;
+    }
+    /**
+     * Gt WS-I compliant
+     * 
+     * @return boolean
+     */
+    public function getWsiCompliant() 
+    {
+        return $this->_wsiCompliant;
+    }
     /**
      * Set encoding
      *
@@ -595,7 +629,12 @@
             throw new Zend_Soap_Server_Exception('An object has already been registered with this soap server instance');
         }
 
-        $this->_object = $object;
+        if ($this->_wsiCompliant) {
+            require_once 'Zend/Soap/Server/Proxy.php';
+            $this->_object = new Zend_Soap_Server_Proxy($object);
+        } else {
+            $this->_object = $object;
+        }    
 
         return $this;
     }
@@ -690,11 +729,21 @@
                 $xml = $request;
             }
 
+            libxml_disable_entity_loader(true);
             $dom = new DOMDocument();
             if(strlen($xml) == 0 || !$dom->loadXML($xml)) {
                 require_once 'Zend/Soap/Server/Exception.php';
                 throw new Zend_Soap_Server_Exception('Invalid XML');
             }
+            foreach ($dom->childNodes as $child) {
+                if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
+                    require_once 'Zend/Soap/Server/Exception.php';
+                    throw new Zend_Soap_Server_Exception(
+                        'Invalid XML: Detected use of illegal DOCTYPE'
+                    );
+                }
+            }
+            libxml_disable_entity_loader(false);
         }
         $this->_request = $xml;
         return $this;
@@ -768,6 +817,10 @@
         if (!empty($this->_class)) {
             $args = $this->_classArgs;
             array_unshift($args, $this->_class);
+            if ($this->_wsiCompliant) {
+                require_once 'Zend/Soap/Server/Proxy.php';
+                array_unshift($args, 'Zend_Soap_Server_Proxy');
+            } 
             call_user_func_array(array($server, 'setClass'), $args);
         }
 
@@ -820,19 +873,19 @@
         } catch (Zend_Soap_Server_Exception $e) {
             $setRequestException = $e;
         }
-
+        
         $soap = $this->_getSoap();
 
+        $fault = false;
         ob_start();
-        if($setRequestException instanceof Exception) {
-            // Send SOAP fault message if we've catched exception
-            $soap->fault("Sender", $setRequestException->getMessage());
+        if ($setRequestException instanceof Exception) {
+            // Create SOAP fault message if we've caught a request exception
+            $fault = $this->fault($setRequestException->getMessage(), 'Sender');
         } else {
             try {
-                $soap->handle($request);
+                $soap->handle($this->_request);
             } catch (Exception $e) {
                 $fault = $this->fault($e);
-                $soap->fault($fault->faultcode, $fault->faultstring);
             }
         }
         $this->_response = ob_get_clean();
@@ -841,6 +894,11 @@
         restore_error_handler();
         ini_set('display_errors', $displayErrorsOriginalState);
 
+        // Send a fault, if we have one
+        if ($fault) {
+            $soap->fault($fault->faultcode, $fault->faultstring);
+        }
+
         if (!$this->_returnResponse) {
             echo $this->_response;
             return;