Compartir a través de


use-inline-schema Feature

 

This feature determines whether the SAX reader will allow (true) or prohibit (false) the use of inline schemas.

This property has security implications. For more information, see MSXML Security Overview and SAX2 Security.

JScript Syntax

oSaxReader.putFeature(strFeature, vBool);  
vBool= oSaxReader.getFeature(strFeature);  

Visual Basic Syntax

oSaxReader.putFeature
(strFeature, vBool)  
vBool= oSaxReader.getFeature
(strFeature)  

C/C++ Syntax

HRESULT putFeature(BSTR strFeature, VARIANT vBool);  
HRESULT getFeature(BSTR strFeature, VARIANT* vBool);  

Value

strFeature
A BSTR string whose value is "use-inline-schema".

vBool
A VARIANT_BOOL value of true or false that indicates the value of the feature. If this feature is set to true, the SAX reader allows the use of an in-line schema. If false, the SAX reader will disallow them. The default is false.

Remarks

This feature allows you to allow or disallow use of in-line schemas in SAX parsing. Prohibiting in-line schemas can help prevent a denial of service attack in some situations. In-line schemas might allow a document to change the logic that is used when validating. Leaving this feature set to the default value of false avoids this potential problem.

When the SAX reader is actively parsing, this feature is read-only. When the SAX reader is not actively parsing, full (read/write) access is permitted.

Validate property settings Behavior of the parser
use-inline-schema = true

 schema-validation = true
Parsing an XML document that is not valid against the specified schema will result in an error.
use-inline-schema = true

 schema-validation = false
Parsing an XML document that is not valid against the specified schema will result in successful validation.
use-inline-schema = false

 schema-validation = true
Parsing an XML document that is not valid against the specified schema will result in successful validation. Validation will succeed because when use-inline-schema is set to false, inline schemas are treated like any other XML fragments.

Applies to

Interface: ISAXXMLReader Interface

Method: putFeature Method | getFeature Method

Versioning

Implemented in: MSXML 6.0

See Also

SAX2 Security