Module security

Source

Expand description

XML security validation. Security validation for XML processing

This module provides defense against XML injection attacks including:

XXE (XML External Entity) attacks
Billion laughs attacks (entity expansion bombs)
Parameter entity attacks
DTD-based exploits

§Security Model

The security model follows a defense-in-depth approach:

Primary Defense: Reject all DOCTYPE declarations
Secondary Defense: Detect entity declarations and external references
Tertiary Defense: Document size limits

§Examples

use hedl_xml::security::XmlSecurityValidator;

let validator = XmlSecurityValidator::default();

// Safe XML passes validation
let safe_xml = r#"<?xml version="1.0"?><hedl><data>safe</data></hedl>"#;
assert!(validator.validate(safe_xml).is_ok());

// XXE attack is rejected
let xxe_xml = r#"<?xml version="1.0"?>
<!DOCTYPE hedl [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<hedl><data>&xxe;</data></hedl>"#;
assert!(validator.validate(xxe_xml).is_err());

Structs§

XmlSecurityValidator: Security validator for XML content

Enums§

SecurityViolation: Security violation types

Module security

Module security Copy item path

§Security Model

§Examples

Structs§

Enums§

Module security