santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chad La Joie <>
Subject Re: DO NOT REPLY [Bug 49710] New: exc-c14n damages namespaces of XML
Date Thu, 05 Aug 2010 14:30:04 GMT
Sean, Colm could you please hold off on doing any changes to the 
Canonicalizers for a day or two.  Those were the classes that most 
heavily used the == so I have some local changes here that I'll be 
submitting a patch for quite soon.

On 8/5/10 10:16 AM, wrote:
>             Summary: exc-c14n damages namespaces of XML
>             Product: Security
>             Version: Java 1.4.2
>            Platform: All
>          OS/Version: All
>              Status: NEW
>            Severity: normal
>            Priority: P2
>           Component: Canonicalization
>          AssignedTo:
>          ReportedBy:
> The canonicalizer (java) with exc-c14n produces an invalid XML document here.
> It removes a namespace from an attribute that is still used in that element. It
> attach an example xsd and xml file.
> If I use canonicalize this xml file with exc-c14n it will remove the namespace
> xmlns:xs="". So the attribute
> ns:type="xs:string" won't be valid afterwards.
> Even if I add the namespace to the root element (bla:document) it will be
> removed.
> Validated with xmllint --noout --schema example.xsd example.xml
> Is this really correct for this canonicalization method to damage the xml file?

Chad La Joie
trusted identities, delivered

View raw message