Tag Archives: DOM

Mitigating XPath Injection Attacks in PHP

PHP has two libxml based extensions that allow to execute XPath 1.0 expressions: DOM (by the DOMXPath class) and SimpleXML (with its xpath() method). Both extensions are prone to XPath Injection Attacks, a common attack form. Albeit all this, and … Continue reading

Posted in Hakre's Tips, PHP Development, Pressed, Surviving the Internet | Tagged , , , , , , , | 1 Comment

SimpleXML Type Cheatsheet

A SimpleXMLElement can represent many different things, from an element, to a list of attributes or childelements. Sometimes it’s good to know how to find out, especially with the magic the extension comes with. The following is a table with … Continue reading

Posted in Hakre's Tips, PHP Development, Pressed, The Know Your Language Department | Tagged , , , , , , , , , | 1 Comment