Hi All,
I am using the EMDK for Xamarin in my Forms application and everything works smoothly.
I ran one of the security tools on my app and it pointed out that while inspecting the XML response, there is no XmlReader validation performed and the recommendation is to always enable validation when you parse XML.
Example: The following code demonstrates how to enable validation when using XmlReader.
    XmlReaderSettings settings = new XmlReaderSettings();
    settings.Schemas.Add(schema);
    settings.ValidationType = ValidationType.Schema;
    StringReader sr = new StringReader(xmlDoc);
    XmlReader reader = XmlReader.Create(sr, settings);
--
    profileManager = (ProfileManager)emdkManager.GetInstance(EMDKManager.FEATURE_TYPE.Profile);
    if (profileManager != null)
    {
        string[] extraData = new string[1];
        EMDKResults results = profileManager.ProcessProfile(DATAWEDGE_PROFILE_SMX_DEFAULT, ProfileManager.PROFILE_FLAG.Set, extraData);
        if (results.StatusCode == EMDKResults.STATUS_CODE.Success)
        {
            // Profile applied successfully
        }
        else if (results.StatusCode == EMDKResults.STATUS_CODE.CheckXml)
        {
            // Inspect the XML response to see if there are any errors, if not report success
            using (XmlReader reader = XmlReader.Create(new StringReader(results.StatusString)))
            {
                String checkXmlStatus = "Status:\n\n";
                while (reader.Read())
                {
                    switch (reader.NodeType)
                    {
                        case XmlNodeType.Element:
                            switch (reader.Name)
                            {
                                case "parm-error":
                                    checkXmlStatus += "Parm Error:\n";
                                    checkXmlStatus += reader.GetAttribute("name") + " - ";
                                    checkXmlStatus += reader.GetAttribute("desc") + "\n\n";
                                    break;
                                case "characteristic-error":
                                    checkXmlStatus += "characteristic Error:\n";
                                    checkXmlStatus += reader.GetAttribute("type") + " - ";
                                    checkXmlStatus += reader.GetAttribute("desc") + "\n\n";
                                    break;
                            }
                            break;
                    }
                }
                if (checkXmlStatus == "Status:\n\n")
                {
                    // Profile applied successfully
                }
                else
                {
                    DeviceLogger.Error(LogTag, "Error in ApplyProfile - {0}", checkXmlStatus);
                }
            }
        }
        else
        {
            DeviceLogger.Error(LogTag, "Profile initialization failed - {0} {1} {2}", results.StatusCode, results.StatusString, results.ExtendedStatusMessage);
        }
    }
    else
    {
        DeviceLogger.Error(LogTag, "profileManager is null");
    }
In the line
    using (XmlReader reader = XmlReader.Create(new StringReader(results.StatusString)))
I have to perform XML validation and I need the schema for this. Where can I find it?
Thank you.
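An added example (not part of the original post and not Zebra/EMDK code) showing how the validating reader from the tool's recommendation can be wired so that validation failures are actually collected. The schema, its root element name `response`, the class and method names, and the sample inputs are all constructed assumptions, since the real response schema does not appear on this page.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Xml;
using System.Xml.Schema;
static class CheckXmlValidation
{
    // Constructed placeholder schema (assumption): root "response" holding the two
    // error elements the post reads. The real EMDK schema is not on this page.
    const string Xsd = @"<xs:schema xmlns:xs='http://www.w3.org/2001/XMLSchema'>
 <xs:complexType name='err'><xs:attribute name='name'/><xs:attribute name='type'/>
  <xs:attribute name='desc' use='required'/></xs:complexType>
 <xs:element name='response'><xs:complexType><xs:choice minOccurs='0' maxOccurs='unbounded'>
  <xs:element name='parm-error' type='err'/>
  <xs:element name='characteristic-error' type='err'/>
 </xs:choice></xs:complexType></xs:element></xs:schema>";

    // Returns every validation problem found; an empty list means the document is valid.
    public static List<string> Validate(string xml)
    {
        var problems = new List<string>();
        var schemas = new XmlSchemaSet();
        using (var xsdReader = XmlReader.Create(new StringReader(Xsd)))
            schemas.Add(null, xsdReader);
        var settings = new XmlReaderSettings
        {
            ValidationType = ValidationType.Schema,
            Schemas = schemas,
            DtdProcessing = DtdProcessing.Prohibit, // reject DOCTYPE declarations
            XmlResolver = null                      // never fetch external resources
        };
        // Without this flag, a root element the schema does not declare yields only
        // a warning that is dropped, and the document passes unvalidated.
        settings.ValidationFlags |= XmlSchemaValidationFlags.ReportValidationWarnings;
        settings.ValidationEventHandler += (s, e) => problems.Add(e.Severity + ": " + e.Message);
        using (var reader = XmlReader.Create(new StringReader(xml), settings))
            while (reader.Read()) { }
        return problems;
    }

    static void Main()
    {
        // Constructed sample inputs, not real EMDK output.
        Console.WriteLine(Validate("<response><parm-error name='x' desc='bad'/></response>").Count);
        Console.WriteLine(Validate("<other><parm-error name='x'/></other>").Count);
    }
}
```

If no `ValidationEventHandler` is registered, the reader throws an `XmlSchemaException` on the first validation error instead, so the existing `while (reader.Read())` loop would need a `try`/`catch` around it.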
Answers
@PietroMaggi
@AlessandroCaliaro
@PietroMaggi.7823 can you help this friend?
Thank you.
Thanks for pointing this out,
can you please give me a reference to the tool you've used to analyse your application?
I've never seen the schema for these answers published, but you raised a valid point. I'll see if I can retrieve it.
Ciao
~Pietro
Here is the tool: Fortify
https://en.wikipedia.org/wiki/Fortify_Software