XmlReaderSettings.ProhibitDtd Property

Reference

Definition

Namespace:: System.Xml

Assembly:: System.Xml.ReaderWriter.dll

Assembly:: System.Xml.dll

Assembly:: netstandard.dll

Source:: XmlReaderSettings.cs

Source:: XmlReaderSettings.cs

Source:: XmlReaderSettings.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Caution

Use XmlReaderSettings.DtdProcessing property instead.

Caution

XmlReaderSettings.ProhibitDtd has been deprecated. Use DtdProcessing instead.

Gets or sets a value indicating whether to prohibit document type definition (DTD) processing. This property is obsolete. Use DtdProcessing instead.

public:
 property bool ProhibitDtd { bool get(); void set(bool value); };

[System.Obsolete("Use XmlReaderSettings.DtdProcessing property instead.")]
public bool ProhibitDtd { get; set; }

[System.Obsolete("XmlReaderSettings.ProhibitDtd has been deprecated. Use DtdProcessing instead.")]
public bool ProhibitDtd { get; set; }

public bool ProhibitDtd { get; set; }

[<System.Obsolete("Use XmlReaderSettings.DtdProcessing property instead.")>]
member this.ProhibitDtd : bool with get, set

[<System.Obsolete("XmlReaderSettings.ProhibitDtd has been deprecated. Use DtdProcessing instead.")>]
member this.ProhibitDtd : bool with get, set

member this.ProhibitDtd : bool with get, set

Public Property ProhibitDtd As Boolean

Property Value

Boolean

true to prohibit DTD processing; otherwise false. The default is true.

Attributes: ObsoleteAttribute

Examples

The following example validates data using a DTD.

#using <System.Xml.dll>

using namespace System;
using namespace System::Xml;
using namespace System::Xml::Schema;
using namespace System::IO;

// Display any validation errors.
static void ValidationCallBack( Object^ /*sender*/, ValidationEventArgs^ e )
{
   Console::WriteLine( L"Validation Error: {0}", e->Message );
}

int main()
{
   // Set the validation settings.
   XmlReaderSettings^ settings = gcnew XmlReaderSettings;
   settings->DtdProcessing = DtdProcessing::Parse;
   settings->ValidationType = ValidationType::DTD;
   settings->ValidationEventHandler += gcnew ValidationEventHandler( ValidationCallBack );

   // Create the XmlReader object.
   XmlReader^ reader = XmlReader::Create( L"itemDTD.xml", settings );

   // Parse the file. 
   while ( reader->Read() )
      ;

   return 1;
}

using System;
using System.Xml;
using System.Xml.Schema;
using System.IO;

public class Sample {

  public static void Main() {

    // Set the validation settings.
    XmlReaderSettings settings = new XmlReaderSettings();
    settings.DtdProcessing = DtdProcessing.Parse;
    settings.ValidationType = ValidationType.DTD;
    settings.ValidationEventHandler += new ValidationEventHandler (ValidationCallBack);

    // Create the XmlReader object.
    XmlReader reader = XmlReader.Create("itemDTD.xml", settings);

    // Parse the file.
    while (reader.Read());
  }

  // Display any validation errors.
  private static void ValidationCallBack(object sender, ValidationEventArgs e) {
    Console.WriteLine("Validation Error: {0}", e.Message);
  }
}

Imports System.Xml
Imports System.Xml.Schema
Imports System.IO

public class Sample 

  public shared sub Main() 

    ' Set the validation settings.
    Dim settings as XmlReaderSettings = new XmlReaderSettings()
    settings.DtdProcessing = DtdProcessing.Parse
    settings.ValidationType = ValidationType.DTD
    AddHandler settings.ValidationEventHandler, AddressOf ValidationCallBack
 
    ' Create the XmlReader object.
    Dim reader as XmlReader = XmlReader.Create("itemDTD.xml", settings)

    ' Parse the file. 
    while reader.Read()
    end while
    
  end sub

  ' Display any validation errors.
  private shared sub ValidationCallBack(sender as object, e as ValidationEventArgs) 
    Console.WriteLine("Validation Error: {0}", e.Message)
  end sub
end class

The example uses the itemDTD.xml file as input.

<!--XML file using a DTD-->
<!DOCTYPE store [
  <!ELEMENT store (item)*> 
  <!ELEMENT item (name,dept,price)>
  <!ATTLIST item type CDATA #REQUIRED>
  <!ELEMENT name (#PCDATA)>
  <!ELEMENT price (#PCDATA)>]>
<store>
  <item type="supplies"  ISBN="2-3631-4">
    <name>paint</name>
    <price>16.95</price>
  </item>
</store>

Remarks

When set to true, the XmlReader throws an XmlException when any DTD content is encountered. Do not enable DTD processing if you are concerned about Denial of Service issues or if you are dealing with untrusted sources.

If you have DTD processing enabled, you can use the XmlSecureResolver to restrict the resources that the XmlReader can access. You can also design your application so that the XML processing is memory and time constrained. For example, configure time-out limits in your ASP.NET application.

This property is obsolete. Use DtdProcessing instead. If you had set ProhibitDtd to its default value true set DtdProcessing to Prohibit. If you had set ProhibitDtd to false set DtdProcessing to Parse.

Applies to

Share via