Expand description
Security module for DDEX Builder
This module provides comprehensive security measures including:
- XXE (XML External Entity) attack prevention
- Input validation and sanitization
- Cross-platform path traversal prevention
- Size limits and rate limiting
- Safe XML parsing configuration
Re-exports§
pub use self::entity_classifier::create_entity;pub use self::entity_classifier::create_external_entity;pub use self::entity_classifier::create_parameter_entity;pub use self::entity_classifier::AttackType;pub use self::entity_classifier::ClassifierConfig;pub use self::entity_classifier::Entity;pub use self::entity_classifier::EntityClass;pub use self::entity_classifier::EntityClassifier;pub use self::entity_classifier::EntityMetrics;pub use self::entity_classifier::ValidationResult;pub use self::path_validator::PathValidationConfig;pub use self::path_validator::PathValidator;pub use self::path_validator::ValidatedPath;pub use self::error_sanitizer::sanitize_build_error;pub use self::error_sanitizer::sanitize_error;pub use self::error_sanitizer::sanitize_io_error;pub use self::error_sanitizer::sanitize_parse_error;pub use self::error_sanitizer::sanitize_security_error;pub use self::error_sanitizer::ErrorContext;pub use self::error_sanitizer::ErrorLevel;pub use self::error_sanitizer::ErrorMode;pub use self::error_sanitizer::ErrorSanitizer;pub use self::error_sanitizer::RedactionRule;pub use self::error_sanitizer::SanitizedError;pub use self::error_sanitizer::SanitizerConfig;pub use self::error_sanitizer::SanitizerStatistics;pub use self::error_sanitizer::SecureError;
Modules§
- entity_
classifier - Entity Classification System for DDEX Builder
- error_
sanitizer - Error message sanitization system for preventing information disclosure
- path_
validator - Cross-Platform Path Validation Module
- utils
- Security utilities
Structs§
- Input
Validator - Input validator for various data types
- Output
Sanitizer - Output safety and sanitization
- Rate
Limiter - Rate limiter for API endpoints
- Secure
Temp File - Secure temporary file handling
- Secure
XmlReader - Secure XML reader with XXE protection
- Security
Config - Security configuration for XML parsing