XmlReaderSettings.ProhibitDtd Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Caution
Use XmlReaderSettings.DtdProcessing property instead.
Caution
XmlReaderSettings.ProhibitDtd has been deprecated. Use DtdProcessing instead.
Gets or sets a value indicating whether to prohibit document type definition (DTD) processing. This property is obsolete. Use DtdProcessing instead.
public:
property bool ProhibitDtd { bool get(); void set(bool value); };
[System.Obsolete("Use XmlReaderSettings.DtdProcessing property instead.")]
public bool ProhibitDtd { get; set; }
[System.Obsolete("XmlReaderSettings.ProhibitDtd has been deprecated. Use DtdProcessing instead.")]
public bool ProhibitDtd { get; set; }
public bool ProhibitDtd { get; set; }
[<System.Obsolete("Use XmlReaderSettings.DtdProcessing property instead.")>]
member this.ProhibitDtd : bool with get, set
[<System.Obsolete("XmlReaderSettings.ProhibitDtd has been deprecated. Use DtdProcessing instead.")>]
member this.ProhibitDtd : bool with get, set
member this.ProhibitDtd : bool with get, set
Public Property ProhibitDtd As Boolean
Property Value
true
to prohibit DTD processing; otherwise false
. The default is true
.
- Attributes
Examples
The following example validates data using a DTD.
#using <System.Xml.dll>
using namespace System;
using namespace System::Xml;
using namespace System::Xml::Schema;
using namespace System::IO;
// Display any validation errors.
static void ValidationCallBack( Object^ /*sender*/, ValidationEventArgs^ e )
{
Console::WriteLine( L"Validation Error: {0}", e->Message );
}
int main()
{
// Set the validation settings.
XmlReaderSettings^ settings = gcnew XmlReaderSettings;
settings->DtdProcessing = DtdProcessing::Parse;
settings->ValidationType = ValidationType::DTD;
settings->ValidationEventHandler += gcnew ValidationEventHandler( ValidationCallBack );
// Create the XmlReader object.
XmlReader^ reader = XmlReader::Create( L"itemDTD.xml", settings );
// Parse the file.
while ( reader->Read() )
;
return 1;
}
using System;
using System.Xml;
using System.Xml.Schema;
using System.IO;
public class Sample {
public static void Main() {
// Set the validation settings.
XmlReaderSettings settings = new XmlReaderSettings();
settings.DtdProcessing = DtdProcessing.Parse;
settings.ValidationType = ValidationType.DTD;
settings.ValidationEventHandler += new ValidationEventHandler (ValidationCallBack);
// Create the XmlReader object.
XmlReader reader = XmlReader.Create("itemDTD.xml", settings);
// Parse the file.
while (reader.Read());
}
// Display any validation errors.
private static void ValidationCallBack(object sender, ValidationEventArgs e) {
Console.WriteLine("Validation Error: {0}", e.Message);
}
}
Imports System.Xml
Imports System.Xml.Schema
Imports System.IO
public class Sample
public shared sub Main()
' Set the validation settings.
Dim settings as XmlReaderSettings = new XmlReaderSettings()
settings.DtdProcessing = DtdProcessing.Parse
settings.ValidationType = ValidationType.DTD
AddHandler settings.ValidationEventHandler, AddressOf ValidationCallBack
' Create the XmlReader object.
Dim reader as XmlReader = XmlReader.Create("itemDTD.xml", settings)
' Parse the file.
while reader.Read()
end while
end sub
' Display any validation errors.
private shared sub ValidationCallBack(sender as object, e as ValidationEventArgs)
Console.WriteLine("Validation Error: {0}", e.Message)
end sub
end class
The example uses the itemDTD.xml file as input.
<!--XML file using a DTD-->
<!DOCTYPE store [
<!ELEMENT store (item)*>
<!ELEMENT item (name,dept,price)>
<!ATTLIST item type CDATA #REQUIRED>
<!ELEMENT name (#PCDATA)>
<!ELEMENT price (#PCDATA)>]>
<store>
<item type="supplies" ISBN="2-3631-4">
<name>paint</name>
<price>16.95</price>
</item>
</store>
Remarks
When set to true
, the XmlReader throws an XmlException when any DTD content is encountered. Do not enable DTD processing if you are concerned about Denial of Service issues or if you are dealing with untrusted sources.
If you have DTD processing enabled, you can use the XmlSecureResolver to restrict the resources that the XmlReader can access. You can also design your application so that the XML processing is memory and time constrained. For example, configure time-out limits in your ASP.NET application.
This property is obsolete. Use DtdProcessing instead. If you had set ProhibitDtd to its default value true
set DtdProcessing to Prohibit
. If you had set ProhibitDtd to false
set DtdProcessing to Parse
.
Applies to
.NET