1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /><style type="text/css">
TD {font-family: Verdana,Arial,Helvetica}
BODY {font-family: Verdana,Arial,Helvetica; margin-top: 2em; margin-left: 0em; margin-right: 0em}
H1 {font-family: Verdana,Arial,Helvetica}
H2 {font-family: Verdana,Arial,Helvetica}
H3 {font-family: Verdana,Arial,Helvetica}
A:link, A:visited, A:active { text-decoration: underline }
</style><title>Module security from libxslt</title></head><body bgcolor="#8b7765" text="#000000" link="#a06060" vlink="#000000"><table border="0" width="100%" cellpadding="5" cellspacing="0" align="center"><tr><td width="120"><a href="http://swpat.ffii.org/"><img src="../epatents.png" alt="Action against software patents" /></a></td><td width="180"><a href="http://www.gnome.org/"><img src="../gnome2.png" alt="GNOME2 Logo" /></a><a href="http://www.w3.org/Status"><img src="../w3c.png" alt="W3C logo" /></a><a href="http://www.redhat.com"><img src="../redhat.gif" alt="Red Hat Logo" /></a><div align="left"><a href="http://xmlsoft.org/XSLT/"><img src="../Libxslt-Logo-180x168.gif" alt="Made with Libxslt Logo" /></a></div></td><td><table border="0" width="90%" cellpadding="2" cellspacing="0" align="center" bgcolor="#000000"><tr><td><table width="100%" border="0" cellspacing="1" cellpadding="3" bgcolor="#fffacd"><tr><td align="center"><h1>The XSLT C library for GNOME</h1><h2>Module security from libxslt</h2></td></tr></table></td></tr></table></td></tr></table><table border="0" cellpadding="4" cellspacing="0" width="100%" align="center"><tr><td bgcolor="#8b7765"><table border="0" cellspacing="0" cellpadding="2" width="100%"><tr><td valign="top" width="200" bgcolor="#8b7765"><table border="0" cellspacing="0" cellpadding="1" width="100%" bgcolor="#000000"><tr><td><table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td colspan="1" bgcolor="#eecfa1" align="center"><center><b>API Menu</b></center></td></tr><tr><td bgcolor="#fffacd"><form action="../search.php" enctype="application/x-www-form-urlencoded" method="get"><input name="query" type="text" size="20" value="" /><input name="submit" type="submit" value="Search ..." /></form><ul><li><a style="font-weight:bold" href="../index.html">Main Menu</a></li><li><a style="font-weight:bold" href="../docs.html">Developer Menu</a></li><li><a style="font-weight:bold" href="index.html">API Menu</a></li><li><a href="../ChangeLog.html">ChangeLog</a></li></ul></td></tr></table><table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td colspan="1" bgcolor="#eecfa1" align="center"><center><b>Related links</b></center></td></tr><tr><td bgcolor="#fffacd"><ul><li><a href="http://mail.gnome.org/archives/xslt/">Mail archive</a></li><li><a href="http://xmlsoft.org/">XML libxml2</a></li><li><a href="ftp://xmlsoft.org/">FTP</a></li><li><a href="http://www.zlatkovic.com/projects/libxml/">Windows binaries</a></li><li><a href="http://garypennington.net/libxml2/">Solaris binaries</a></li><li><a href="http://www.explain.com.au/oss/libxml2xslt.html">MacOsX binaries</a></li><li><a href="http://bugzilla.gnome.org/buglist.cgi?product=libxslt">Bug Tracker</a></li><li><a href="http://codespeak.net/lxml/">lxml Python bindings</a></li><li><a href="http://cpan.uwinnipeg.ca/dist/XML-LibXSLT">Perl XSLT bindings</a></li><li><a href="http://www.zend.com/php5/articles/php5-xmlphp.php#Heading17">XSLT with PHP</a></li><li><a href="http://www.mod-xslt2.com/">Apache module</a></li><li><a href="http://sourceforge.net/projects/libxml2-pas/">Pascal bindings</a></li><li><a href="http://xsldbg.sourceforge.net/">Xsldbg Debugger</a></li></ul></td></tr></table><table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td colspan="1" bgcolor="#eecfa1" align="center"><center><b>API Indexes</b></center></td></tr><tr><td bgcolor="#fffacd"><ul><li><a href="../APIchunk0.html">Alphabetic</a></li><li><a href="../APIconstructors.html">Constructors</a></li><li><a href="../APIfunctions.html">Functions/Types</a></li><li><a href="../APIfiles.html">Modules</a></li><li><a href="../APIsymbols.html">Symbols</a></li></ul></td></tr></table></td></tr></table></td><td valign="top" bgcolor="#8b7765"><table border="0" cellspacing="0" cellpadding="1" width="100%"><tr><td><table border="0" cellspacing="0" cellpadding="1" width="100%" bgcolor="#000000"><tr><td><table border="0" cellpadding="3" cellspacing="1" width="100%"><tr><td bgcolor="#fffacd"><table class="navigation" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"><td><a accesskey="p" href="libxslt-preproc.html"><img src="left.png" width="24" height="24" border="0" alt="Prev" /></a></td><th align="left"><a href="libxslt-preproc.html">preproc</a></th><td><a accesskey="u" href="index.html"><img src="up.png" width="24" height="24" border="0" alt="Up" /></a></td><th align="left"><a href="index.html">API documentation</a></th><td><a accesskey="h" href="../index.html"><img src="home.png" width="24" height="24" border="0" alt="Home" /></a></td><th align="center"><a href="../index.html">Home</a></th><th align="right"><a href="libxslt-templates.html">templates</a></th><td><a accesskey="n" href="libxslt-templates.html"><img src="right.png" width="24" height="24" border="0" alt="Next" /></a></td></tr></table><p>the libxslt security framework allow to restrict the access to new resources (file or URL) from the stylesheet at runtime. </p><h2>Table of Contents</h2><pre class="programlisting">Enum <a href="#xsltSecurityOption">xsltSecurityOption</a>
</pre><pre class="programlisting">Structure <a href="#xsltSecurityPrefs">xsltSecurityPrefs</a><br />struct _xsltSecurityPrefs
The content of this structure is not made public by the API.
</pre><pre class="programlisting">Typedef <a href="libxslt-security.html#xsltSecurityPrefs">xsltSecurityPrefs</a> * <a name="xsltSecurityPrefsPtr" id="xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a>
</pre><pre class="programlisting">int <a href="#xsltCheckRead">xsltCheckRead</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const xmlChar * URL)</pre>
<pre class="programlisting">int <a href="#xsltCheckWrite">xsltCheckWrite</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const xmlChar * URL)</pre>
<pre class="programlisting">void <a href="#xsltFreeSecurityPrefs">xsltFreeSecurityPrefs</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec)</pre>
<pre class="programlisting"><a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> <a href="#xsltGetDefaultSecurityPrefs">xsltGetDefaultSecurityPrefs</a> (void)</pre>
<pre class="programlisting"><a href="libxslt-security.html#xsltSecurityCheck">xsltSecurityCheck</a> <a href="#xsltGetSecurityPrefs">xsltGetSecurityPrefs</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-security.html#xsltSecurityOption">xsltSecurityOption</a> option)</pre>
<pre class="programlisting"><a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> <a href="#xsltNewSecurityPrefs">xsltNewSecurityPrefs</a> (void)</pre>
<pre class="programlisting">int <a href="#xsltSecurityAllow">xsltSecurityAllow</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const char * value)</pre>
<pre class="programlisting">Function type: <a href="#xsltSecurityCheck">xsltSecurityCheck</a>
int <a href="#xsltSecurityCheck">xsltSecurityCheck</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const char * value)
</pre>
<pre class="programlisting">int <a href="#xsltSecurityForbid">xsltSecurityForbid</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const char * value)</pre>
<pre class="programlisting">int <a href="#xsltSetCtxtSecurityPrefs">xsltSetCtxtSecurityPrefs</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt)</pre>
<pre class="programlisting">void <a href="#xsltSetDefaultSecurityPrefs">xsltSetDefaultSecurityPrefs</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec)</pre>
<pre class="programlisting">int <a href="#xsltSetSecurityPrefs">xsltSetSecurityPrefs</a> (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-security.html#xsltSecurityOption">xsltSecurityOption</a> option, <br /> <a href="libxslt-security.html#xsltSecurityCheck">xsltSecurityCheck</a> func)</pre>
<h2>Description</h2>
<h3>Enum <a name="xsltSecurityOption" id="xsltSecurityOption">xsltSecurityOption</a></h3><pre class="programlisting">Enum xsltSecurityOption {
<a name="XSLT_SECPREF_READ_FILE" id="XSLT_SECPREF_READ_FILE">XSLT_SECPREF_READ_FILE</a> = 1
<a name="XSLT_SECPREF_WRITE_FILE" id="XSLT_SECPREF_WRITE_FILE">XSLT_SECPREF_WRITE_FILE</a> = 2
<a name="XSLT_SECPREF_CREATE_DIRECTORY" id="XSLT_SECPREF_CREATE_DIRECTORY">XSLT_SECPREF_CREATE_DIRECTORY</a> = 3
<a name="XSLT_SECPREF_READ_NETWORK" id="XSLT_SECPREF_READ_NETWORK">XSLT_SECPREF_READ_NETWORK</a> = 4
<a name="XSLT_SECPREF_WRITE_NETWORK" id="XSLT_SECPREF_WRITE_NETWORK">XSLT_SECPREF_WRITE_NETWORK</a> = 5
}
</pre><h3><a name="xsltSecurityPrefs" id="xsltSecurityPrefs">Structure xsltSecurityPrefs</a></h3><pre class="programlisting">Structure xsltSecurityPrefs<br />struct _xsltSecurityPrefs {
The content of this structure is not made public by the API.
}</pre><h3><a name="xsltCheckRead" id="xsltCheckRead"></a>Function: xsltCheckRead</h3><pre class="programlisting">int xsltCheckRead (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const xmlChar * URL)<br />
</pre><p>Check if the resource is allowed to be read</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security options</td></tr><tr><td><span class="term"><i><tt>ctxt</tt></i>:</span></td><td>an XSLT transformation context</td></tr><tr><td><span class="term"><i><tt>URL</tt></i>:</span></td><td>the resource to be read</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>1 if read is allowed, 0 if not and -1 in case or error.</td></tr></tbody></table></div><h3><a name="xsltCheckWrite" id="xsltCheckWrite"></a>Function: xsltCheckWrite</h3><pre class="programlisting">int xsltCheckWrite (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const xmlChar * URL)<br />
</pre><p>Check if the resource is allowed to be written, if necessary makes some preliminary work like creating directories</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security options</td></tr><tr><td><span class="term"><i><tt>ctxt</tt></i>:</span></td><td>an XSLT transformation context</td></tr><tr><td><span class="term"><i><tt>URL</tt></i>:</span></td><td>the resource to be written</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>1 if write is allowed, 0 if not and -1 in case or error.</td></tr></tbody></table></div><h3><a name="xsltFreeSecurityPrefs" id="xsltFreeSecurityPrefs"></a>Function: xsltFreeSecurityPrefs</h3><pre class="programlisting">void xsltFreeSecurityPrefs (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec)<br />
</pre><p>Free up a security preference block</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to free</td></tr></tbody></table></div><h3><a name="xsltGetDefaultSecurityPrefs" id="xsltGetDefaultSecurityPrefs"></a>Function: xsltGetDefaultSecurityPrefs</h3><pre class="programlisting"><a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> xsltGetDefaultSecurityPrefs (void)<br />
</pre><p>Get the default security preference application-wide</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>the current <a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> in use or NULL if none</td></tr></tbody></table></div><h3><a name="xsltGetSecurityPrefs" id="xsltGetSecurityPrefs"></a>Function: xsltGetSecurityPrefs</h3><pre class="programlisting"><a href="libxslt-security.html#xsltSecurityCheck">xsltSecurityCheck</a> xsltGetSecurityPrefs (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-security.html#xsltSecurityOption">xsltSecurityOption</a> option)<br />
</pre><p>Lookup the security option to get the callback checking function</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to update</td></tr><tr><td><span class="term"><i><tt>option</tt></i>:</span></td><td>the option to lookup</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>NULL if not found, the function otherwise</td></tr></tbody></table></div><h3><a name="xsltNewSecurityPrefs" id="xsltNewSecurityPrefs"></a>Function: xsltNewSecurityPrefs</h3><pre class="programlisting"><a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> xsltNewSecurityPrefs (void)<br />
</pre><p>Create a new security preference block</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>a pointer to the new block or NULL in case of error</td></tr></tbody></table></div><h3><a name="xsltSecurityAllow" id="xsltSecurityAllow"></a>Function: xsltSecurityAllow</h3><pre class="programlisting">int xsltSecurityAllow (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const char * value)<br />
</pre><p>Function used to always allow an operation</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to use</td></tr><tr><td><span class="term"><i><tt>ctxt</tt></i>:</span></td><td>an XSLT transformation context</td></tr><tr><td><span class="term"><i><tt>value</tt></i>:</span></td><td>unused</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>1 always</td></tr></tbody></table></div><h3><a name="xsltSecurityCheck" id="xsltSecurityCheck"></a>Function type: xsltSecurityCheck</h3><pre class="programlisting">Function type: xsltSecurityCheck
int xsltSecurityCheck (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const char * value)
</pre><p>User provided function to check the value of a string like a file path or an URL ...</p><div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td></td></tr><tr><td><span class="term"><i><tt>ctxt</tt></i>:</span></td><td></td></tr><tr><td><span class="term"><i><tt>value</tt></i>:</span></td><td></td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td></td></tr></tbody></table></div><br />
<h3><a name="xsltSecurityForbid" id="xsltSecurityForbid"></a>Function: xsltSecurityForbid</h3><pre class="programlisting">int xsltSecurityForbid (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt, <br /> const char * value)<br />
</pre><p>Function used to always forbid an operation</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to use</td></tr><tr><td><span class="term"><i><tt>ctxt</tt></i>:</span></td><td>an XSLT transformation context</td></tr><tr><td><span class="term"><i><tt>value</tt></i>:</span></td><td>unused</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>0 always</td></tr></tbody></table></div><h3><a name="xsltSetCtxtSecurityPrefs" id="xsltSetCtxtSecurityPrefs"></a>Function: xsltSetCtxtSecurityPrefs</h3><pre class="programlisting">int xsltSetCtxtSecurityPrefs (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-xsltInternals.html#xsltTransformContextPtr">xsltTransformContextPtr</a> ctxt)<br />
</pre><p>Set the security preference for a specific transformation</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to use</td></tr><tr><td><span class="term"><i><tt>ctxt</tt></i>:</span></td><td>an XSLT transformation context</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>-1 in case of error, 0 otherwise</td></tr></tbody></table></div><h3><a name="xsltSetDefaultSecurityPrefs" id="xsltSetDefaultSecurityPrefs"></a>Function: xsltSetDefaultSecurityPrefs</h3><pre class="programlisting">void xsltSetDefaultSecurityPrefs (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec)<br />
</pre><p>Set the default security preference application-wide</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to use</td></tr></tbody></table></div><h3><a name="xsltSetSecurityPrefs" id="xsltSetSecurityPrefs"></a>Function: xsltSetSecurityPrefs</h3><pre class="programlisting">int xsltSetSecurityPrefs (<a href="libxslt-security.html#xsltSecurityPrefsPtr">xsltSecurityPrefsPtr</a> sec, <br /> <a href="libxslt-security.html#xsltSecurityOption">xsltSecurityOption</a> option, <br /> <a href="libxslt-security.html#xsltSecurityCheck">xsltSecurityCheck</a> func)<br />
</pre><p>Update the security option to use the new callback checking function</p>
<div class="variablelist"><table border="0"><col align="left" /><tbody><tr><td><span class="term"><i><tt>sec</tt></i>:</span></td><td>the security block to update</td></tr><tr><td><span class="term"><i><tt>option</tt></i>:</span></td><td>the option to update</td></tr><tr><td><span class="term"><i><tt>func</tt></i>:</span></td><td>the user callback to use for this option</td></tr><tr><td><span class="term"><i><tt>Returns</tt></i>:</span></td><td>-1 in case of error, 0 otherwise</td></tr></tbody></table></div><p><a href="../bugs.html">Daniel Veillard</a></p></td></tr></table></td></tr></table></td></tr></table></td></tr></table></td></tr></table></body></html>
|