Tag Archives: DOMXPath

Mitigating XPath Injection Attacks in PHP

PHP has two libxml based extensions that allow to execute XPath 1.0 expressions: DOM (by the DOMXPath class) and SimpleXML (with its xpath() method). Both extensions are prone to XPath Injection Attacks, a common attack form. Albeit all this, and … Continue reading

Posted in Hakre's Tips, PHP Development, Pressed, Surviving the Internet | Tagged , , , , , , , | 1 Comment

PHP: XPath on HTML and XHTML

Christan Weiske has published a nice summarizing article with the same title. It contains some detailed information I haven’t found so far on the web so worth the link: PHP: XPath on HTML and XHTML. It also reminds me of … Continue reading

Posted in Developing, Hakre's Tips, PHP Development, Pressed | Tagged , , , , | Leave a comment

CSS Selector to XPath conversion

While playing with a parser experiment that fully supports the CSS selectors syntax and the discovery of the Selectors API I started to think about the transformation from CSS selectors to XPath. Sure I’m not the only one, so I … Continue reading

Posted in Developing, PHP Development, Pressed | Tagged , , , , , , , | 1 Comment