ddex_parser/parser/
security.rs

use std::time::Duration;
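/// Security configuration for XML parsing.
///
/// This type only carries the limits and switches. The code that enforces
/// them is not part of this file, so each field doc below describes the
/// setting, not a guarantee that a given code path honours it.
///
/// All fields are `pub`, so a caller can loosen any individual limit after
/// starting from [`SecurityConfig::strict`] or [`SecurityConfig::relaxed`].
#[derive(Debug, Clone)]
pub struct SecurityConfig {
    // Entity expansion protection
    /// Switch for rejecting or ignoring DTDs (`true` in both built-in profiles).
    pub disable_dtd: bool,
    /// Switch for refusing external entities (`true` in both built-in profiles).
    pub disable_external_entities: bool,
    /// Upper bound on entity expansions; the strict profile's comment names
    /// XML bombs as the threat this limit addresses.
    pub max_entity_expansions: usize,
    /// Upper bound on how deeply entity references may nest.
    pub max_entity_depth: usize,

    // Size limits
    /// Upper bound on element nesting depth.
    pub max_element_depth: usize,
    /// Upper bound on the size of one attribute (the strict profile uses 100KB).
    pub max_attribute_size: usize,
    /// Upper bound on the size of one text node (the strict profile uses 1MB).
    pub max_text_size: usize,
    /// Upper bound on the size of the whole input (the strict profile uses 1GB).
    pub max_file_size: usize,

    // Time limits
    /// Time budget for a parse.
    pub parse_timeout: Duration,
    /// Time budget for streaming.
    pub stream_timeout: Duration,

    // Network protection
    /// Whether the parser may access the network (`false` in both built-in profiles).
    pub allow_network: bool,
    /// Allow-list that defaults to `["file"]`.
    // NOTE(review): the default value suggests these are URI schemes, not XML
    // schemas - confirm against the code that consumes this list.
    pub allowed_schemas: Vec<String>,

    // Performance options
    /// Opt-in for the fast streaming path (off in strict, on in relaxed).
    pub enable_fast_streaming: bool,
}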
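impl Default for SecurityConfig {
    /// Returns [`SecurityConfig::strict`].
    ///
    /// Code that builds a config with `SecurityConfig::default()` or
    /// `..Default::default()` therefore starts from the locked-down profile
    /// and has to opt in to anything looser.
    fn default() -> Self {
        Self::strict()
    }
}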
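impl SecurityConfig {
    /// Strict security configuration (default).
    ///
    /// DTDs, external entities and network access are all switched off, and
    /// every size, depth and time limit is set to its tightest built-in value.
    pub fn strict() -> Self {
        Self {
            disable_dtd: true,
            disable_external_entities: true,
            max_entity_expansions: 100, // Reduced from 1000 to protect against XML bombs
            max_entity_depth: 10,       // Reduced from 20 for better protection
            max_element_depth: 100,     // Keep at 100, this will block deep nesting attacks
            max_attribute_size: 100 * 1024, // 100KB
            max_text_size: 1024 * 1024, // 1MB
            max_file_size: 1024 * 1024 * 1024, // 1GB (2^30, still fits a 32-bit usize)
            parse_timeout: Duration::from_secs(30),
            stream_timeout: Duration::from_secs(300),
            allow_network: false,
            allowed_schemas: vec!["file".to_string()],
            enable_fast_streaming: false, // Disabled by default for strict mode
        }
    }

    /// Relaxed configuration for trusted sources.
    ///
    /// Only the element depth, the file size limit, the two timeouts and the
    /// fast-streaming switch are loosened. Everything else is taken from
    /// [`SecurityConfig::strict`]: DTDs and external entities stay disabled,
    /// network access stays off, and the entity expansion limits are unchanged.
    pub fn relaxed() -> Self {
        let max_file_size = if cfg!(target_arch = "wasm32") {
            100 * 1024 * 1024 // 100MB for WASM
        } else {
            // 5GB for native. A plain `5 * 1024 * 1024 * 1024` does not fit in
            // a 32-bit `usize`, so on 32-bit targets it would either be rejected
            // at compile time or wrap to a much smaller limit. Saturating keeps
            // the value at 5GB on 64-bit targets and clamps it to `usize::MAX`
            // on 32-bit ones.
            5usize
                .saturating_mul(1024)
                .saturating_mul(1024)
                .saturating_mul(1024)
        };

        Self {
            max_element_depth: 200,
            max_file_size,
            parse_timeout: Duration::from_secs(120),
            stream_timeout: Duration::from_secs(600),
            // NOTE(review): whether the fast streaming path enforces the same
            // depth, size and entity limits is not visible from this file -
            // confirm before using this profile on input that is not fully trusted.
            enable_fast_streaming: true, // Enable fast streaming in relaxed mode
            ..Self::strict()
        }
    }
}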