Tag Archives: XPath

XPath Null Byte Injection in PHP

Back in July this year, in Mitigating XPath Injection Attacks in PHP I was writing about how to properly quote a string in PHP’s Xpath 1.0. The code presented there was based on the assumption that the resulting expression is … Continue reading

Posted in Hakre's Tips, PHP Development, Pressed, Surviving the Internet | Tagged , , , , , , , | Leave a comment

Mitigating XPath Injection Attacks in PHP

PHP has two libxml based extensions that allow to execute XPath 1.0 expressions: DOM (by the DOMXPath class) and SimpleXML (with its xpath() method). Both extensions are prone to XPath Injection Attacks, a common attack form. Albeit all this, and … Continue reading

Posted in Hakre's Tips, PHP Development, Pressed, Surviving the Internet | Tagged , , , , , , , | 1 Comment

PHP: XPath on HTML and XHTML

Christan Weiske has published a nice summarizing article with the same title. It contains some detailed information I haven’t found so far on the web so worth the link: PHP: XPath on HTML and XHTML. It also reminds me of … Continue reading

Posted in Developing, Hakre's Tips, PHP Development, Pressed | Tagged , , , , | Leave a comment

Just found a nice PDF (Kudo @jens-erat /via) about XPath worth to share the link along: Xpath PDF – Lecture: XML Technologies Winter 2012/13 – Dr. Christian Grün Google PDF Preview shorturl in case your browser does not like to … Continue reading

Link | Posted on by | Tagged , , | 4 Comments

CSS Selector to XPath conversion

While playing with a parser experiment that fully supports the CSS selectors syntax and the discovery of the Selectors API I started to think about the transformation from CSS selectors to XPath. Sure I’m not the only one, so I … Continue reading

Posted in Developing, PHP Development, Pressed | Tagged , , , , , , , | 1 Comment

FluentDOM Usage: The id() Problem

There is a node-set function called id() in xpath. It might be the case that it does not work on your data if you load in HTML documents into FluentDOM / DOM-XML. The result is that you do not get … Continue reading

Posted in Hakre's Tips | Tagged , , , , | Leave a comment

FluentDOM

Keep the fluent flow: From time to time you find exceptional libraries out there. This posting is about one I got pointed with the finger on while being on a PHP unconf last year and I must admit that I … Continue reading

Posted in Hakre's Tips, Tools | Tagged , , , , , | 6 Comments