XMLReader ReadInnerXml 产生意外结果
XMLReader ReadInnerXml yields unexpected results
(.Net 4.5.2 64 位)
尝试使用 XmlReader 从 IASE (http://iase.disa.mil/stigs/Documents/U_MicrosoftOutlook2007_V4R13_STIG.zip) 解析 Outlook 2007 STIG。
我 运行 遇到了一个我不明白的 XmlReader 的 ReadInnerXml() 函数的小问题(注意 "path" 是 xml 文件的路径引用的 zip):
using (var sr = new StreamReader(path))
{
using (XmlReader reader = XmlReader.Create(sr))
{
while (reader.Read())
{
if (reader.Name.Equals("Rule") && reader.NodeType != XmlNodeType.EndElement)
{
Console.WriteLine("Found rule: " + reader.GetAttribute("id"));
}
}
}
}
上面的代码returns下面的ID列表,这是预期的:
Found rule: SV-18181r1_rule
Found rule: SV-18188r1_rule
Found rule: SV-18203r1_rule
Found rule: SV-18602r1_rule
Found rule: SV-18213r1_rule
Found rule: SV-35249r3_rule
Found rule: SV-18641r1_rule
Found rule: SV-18655r1_rule
Found rule: SV-18657r1_rule
Found rule: SV-18663r1_rule
Found rule: SV-18667r1_rule
Found rule: SV-18671r1_rule
Found rule: SV-18673r1_rule
Found rule: SV-18675r1_rule
Found rule: SV-18677r1_rule
Found rule: SV-18679r1_rule
Found rule: SV-18681r1_rule
Found rule: SV-18683r1_rule
Found rule: SV-18685r1_rule
Found rule: SV-18687r1_rule
Found rule: SV-18689r1_rule
Found rule: SV-18708r1_rule
Found rule: SV-18710r1_rule
Found rule: SV-18712r1_rule
Found rule: SV-18729r1_rule
Found rule: SV-18731r1_rule
Found rule: SV-18735r1_rule
Found rule: SV-18743r1_rule
Found rule: SV-18749r1_rule
Found rule: SV-18752r1_rule
Found rule: SV-18766r1_rule
Found rule: SV-18775r3_rule
Found rule: SV-18779r3_rule
Found rule: SV-18838r1_rule
Found rule: SV-18840r1_rule
Found rule: SV-62707r1_rule
Found rule: SV-18842r1_rule
Found rule: SV-18844r1_rule
Found rule: SV-18846r1_rule
Found rule: SV-18848r1_rule
Found rule: SV-18850r1_rule
Found rule: SV-18852r1_rule
Found rule: SV-18910r1_rule
Found rule: SV-18912r1_rule
Found rule: SV-18916r2_rule
Found rule: SV-18918r1_rule
Found rule: SV-18920r1_rule
Found rule: SV-18935r1_rule
Found rule: SV-18946r1_rule
Found rule: SV-18948r1_rule
Found rule: SV-18950r2_rule
Found rule: SV-18958r1_rule
Found rule: SV-18960r1_rule
Found rule: SV-18962r1_rule
Found rule: SV-18964r1_rule
Found rule: SV-18970r1_rule
Found rule: SV-18978r1_rule
Found rule: SV-18980r1_rule
Found rule: SV-18985r1_rule
Found rule: SV-18988r1_rule
Found rule: SV-18990r1_rule
Found rule: SV-18992r1_rule
Found rule: SV-18995r1_rule
Found rule: SV-19005r1_rule
Found rule: SV-19010r1_rule
Found rule: SV-19012r1_rule
Found rule: SV-19014r1_rule
Found rule: SV-19018r1_rule
Found rule: SV-19023r1_rule
Found rule: SV-19026r1_rule
Found rule: SV-19028r1_rule
Found rule: SV-19030r1_rule
Found rule: SV-19032r1_rule
Found rule: SV-19038r1_rule
Found rule: SV-19040r1_rule
Found rule: SV-19042r1_rule
Found rule: SV-19050r1_rule
Found rule: SV-19435r1_rule
但是,将代码更改为:
using (var sr = new StreamReader(path))
{
using (XmlReader reader = XmlReader.Create(sr))
{
while (reader.Read())
{
if (reader.Name.Equals("Rule") && reader.NodeType != XmlNodeType.EndElement)
{
Console.WriteLine("Found rule: " + reader.GetAttribute("id"));
reader.ReadInnerXml();
}
}
}
}
将结果更改为:
Found rule: SV-18181r1_rule
Found rule: SV-18188r1_rule
Found rule: SV-18203r1_rule
Found rule: SV-18602r1_rule
Found rule: SV-18213r1_rule
Found rule: SV-35249r3_rule
Found rule: SV-18641r1_rule
Found rule: SV-18655r1_rule
Found rule: SV-18657r1_rule
Found rule: SV-18663r1_rule
Found rule: SV-18667r1_rule
Found rule: SV-18671r1_rule
Found rule: SV-18673r1_rule
Found rule: SV-18675r1_rule
Found rule: SV-18677r1_rule
Found rule: SV-18679r1_rule
Found rule: SV-18681r1_rule
Found rule: SV-18683r1_rule
Found rule: SV-18685r1_rule
Found rule: SV-18687r1_rule
Found rule: SV-18689r1_rule
Found rule: SV-18708r1_rule
Found rule: SV-18710r1_rule
Found rule: SV-18712r1_rule
Found rule: SV-18729r1_rule
Found rule: SV-18731r1_rule
Found rule: SV-18735r1_rule
Found rule: SV-18743r1_rule
Found rule: SV-18749r1_rule
Found rule: SV-18752r1_rule
Found rule: SV-18766r1_rule
Found rule: SV-18775r3_rule
Found rule: SV-18779r3_rule
Found rule: SV-18838r1_rule
Found rule: SV-18840r1_rule
Found rule: SV-18842r1_rule
Found rule: SV-18844r1_rule
Found rule: SV-18846r1_rule
Found rule: SV-18848r1_rule
Found rule: SV-18850r1_rule
Found rule: SV-18852r1_rule
Found rule: SV-18910r1_rule
Found rule: SV-18912r1_rule
Found rule: SV-18916r2_rule
Found rule: SV-18918r1_rule
Found rule: SV-18920r1_rule
Found rule: SV-18935r1_rule
Found rule: SV-18946r1_rule
Found rule: SV-18948r1_rule
Found rule: SV-18950r2_rule
Found rule: SV-18958r1_rule
Found rule: SV-18960r1_rule
Found rule: SV-18962r1_rule
Found rule: SV-18964r1_rule
Found rule: SV-18970r1_rule
Found rule: SV-18978r1_rule
Found rule: SV-18980r1_rule
Found rule: SV-18985r1_rule
Found rule: SV-18988r1_rule
Found rule: SV-18990r1_rule
Found rule: SV-18992r1_rule
Found rule: SV-18995r1_rule
Found rule: SV-19005r1_rule
Found rule: SV-19010r1_rule
Found rule: SV-19012r1_rule
Found rule: SV-19014r1_rule
Found rule: SV-19018r1_rule
Found rule: SV-19023r1_rule
Found rule: SV-19026r1_rule
Found rule: SV-19028r1_rule
Found rule: SV-19030r1_rule
Found rule: SV-19032r1_rule
Found rule: SV-19038r1_rule
Found rule: SV-19040r1_rule
Found rule: SV-19042r1_rule
Found rule: SV-19050r1_rule
Found rule: SV-19435r1_rule
有人可以解释为什么当我在每个规则上调用 ReadInnerXml() 时缺少 SV-62707r1_rule 吗?更好的是,有人可以描述如何在不跳过其中一个的情况下获取所有规则元素的内部 XML 字符串吗?
当您查看 XML 文件 (U_MicrosoftOutlook2007_V4R13_Manual-xccdf.xml) 时,您会发现该代码附加了以下信息:
Criteria: If the value BlockExtContent is REG_DWORD = 1, this is not a
finding.
Display external content and pictures in HTML eMail - Outlook.
Malicious e-mail senders can send HTML e-mail messages with embedded
Web beacons, which are pictures and other content from external
servers that can be used to track whether specific recipients open the
message. Viewing an e-mail message that contains a Web beacon provides
confirmation that the recipient's e-mail address is valid, which
leaves the recipient vulnerable to additional spam and harmful e-mail.
By default, Outlook does not download external content in HTML e-mail
and RSS items unless the content is considered safe. Content that
Outlook 2007 can be configured to consider safe includes:
• Content in e-mail messages from senders and to recipients defined in the Safe Senders and Safe Recipients lists.
• Content from Web sites in Internet Explorer's Trusted Sites security zone.
• Content in RSS items.
• Content from SharePoint Discussion Boards.
Users can control what content is considered safe by changing the options in the Automatic Download section of the Trust Center. If Outlook's default blocking configuration is overridden, in the Trust Center or by some other method, Outlook will display external content in all HTML e-mail messages, including any that include Web beacons.
你或许可以从这里找出问题所在。
在你的循环中,你在每次迭代时调用 reader.Read()。因此,当您点击 Rule 打开元素标签时,您会调用 reader.ReadInnerXml() 方法,该方法读取整个 Rule 元素,包括结束元素标签。紧接着你调用 reader.Read() 并跳过文档中的下一个节点,如果下一个节点是另一个 Rule 开放元素标签,那么你会错过它。作为简单的修复,您可以在第二个代码中将 if 更改为 while。
(.Net 4.5.2 64 位)
尝试使用 XmlReader 从 IASE (http://iase.disa.mil/stigs/Documents/U_MicrosoftOutlook2007_V4R13_STIG.zip) 解析 Outlook 2007 STIG。
我 运行 遇到了一个我不明白的 XmlReader 的 ReadInnerXml() 函数的小问题(注意 "path" 是 xml 文件的路径引用的 zip):
using (var sr = new StreamReader(path))
{
using (XmlReader reader = XmlReader.Create(sr))
{
while (reader.Read())
{
if (reader.Name.Equals("Rule") && reader.NodeType != XmlNodeType.EndElement)
{
Console.WriteLine("Found rule: " + reader.GetAttribute("id"));
}
}
}
}
上面的代码returns下面的ID列表,这是预期的:
Found rule: SV-18181r1_rule
Found rule: SV-18188r1_rule
Found rule: SV-18203r1_rule
Found rule: SV-18602r1_rule
Found rule: SV-18213r1_rule
Found rule: SV-35249r3_rule
Found rule: SV-18641r1_rule
Found rule: SV-18655r1_rule
Found rule: SV-18657r1_rule
Found rule: SV-18663r1_rule
Found rule: SV-18667r1_rule
Found rule: SV-18671r1_rule
Found rule: SV-18673r1_rule
Found rule: SV-18675r1_rule
Found rule: SV-18677r1_rule
Found rule: SV-18679r1_rule
Found rule: SV-18681r1_rule
Found rule: SV-18683r1_rule
Found rule: SV-18685r1_rule
Found rule: SV-18687r1_rule
Found rule: SV-18689r1_rule
Found rule: SV-18708r1_rule
Found rule: SV-18710r1_rule
Found rule: SV-18712r1_rule
Found rule: SV-18729r1_rule
Found rule: SV-18731r1_rule
Found rule: SV-18735r1_rule
Found rule: SV-18743r1_rule
Found rule: SV-18749r1_rule
Found rule: SV-18752r1_rule
Found rule: SV-18766r1_rule
Found rule: SV-18775r3_rule
Found rule: SV-18779r3_rule
Found rule: SV-18838r1_rule
Found rule: SV-18840r1_rule
Found rule: SV-62707r1_rule
Found rule: SV-18842r1_rule
Found rule: SV-18844r1_rule
Found rule: SV-18846r1_rule
Found rule: SV-18848r1_rule
Found rule: SV-18850r1_rule
Found rule: SV-18852r1_rule
Found rule: SV-18910r1_rule
Found rule: SV-18912r1_rule
Found rule: SV-18916r2_rule
Found rule: SV-18918r1_rule
Found rule: SV-18920r1_rule
Found rule: SV-18935r1_rule
Found rule: SV-18946r1_rule
Found rule: SV-18948r1_rule
Found rule: SV-18950r2_rule
Found rule: SV-18958r1_rule
Found rule: SV-18960r1_rule
Found rule: SV-18962r1_rule
Found rule: SV-18964r1_rule
Found rule: SV-18970r1_rule
Found rule: SV-18978r1_rule
Found rule: SV-18980r1_rule
Found rule: SV-18985r1_rule
Found rule: SV-18988r1_rule
Found rule: SV-18990r1_rule
Found rule: SV-18992r1_rule
Found rule: SV-18995r1_rule
Found rule: SV-19005r1_rule
Found rule: SV-19010r1_rule
Found rule: SV-19012r1_rule
Found rule: SV-19014r1_rule
Found rule: SV-19018r1_rule
Found rule: SV-19023r1_rule
Found rule: SV-19026r1_rule
Found rule: SV-19028r1_rule
Found rule: SV-19030r1_rule
Found rule: SV-19032r1_rule
Found rule: SV-19038r1_rule
Found rule: SV-19040r1_rule
Found rule: SV-19042r1_rule
Found rule: SV-19050r1_rule
Found rule: SV-19435r1_rule
但是,将代码更改为:
using (var sr = new StreamReader(path))
{
using (XmlReader reader = XmlReader.Create(sr))
{
while (reader.Read())
{
if (reader.Name.Equals("Rule") && reader.NodeType != XmlNodeType.EndElement)
{
Console.WriteLine("Found rule: " + reader.GetAttribute("id"));
reader.ReadInnerXml();
}
}
}
}
将结果更改为:
Found rule: SV-18181r1_rule
Found rule: SV-18188r1_rule
Found rule: SV-18203r1_rule
Found rule: SV-18602r1_rule
Found rule: SV-18213r1_rule
Found rule: SV-35249r3_rule
Found rule: SV-18641r1_rule
Found rule: SV-18655r1_rule
Found rule: SV-18657r1_rule
Found rule: SV-18663r1_rule
Found rule: SV-18667r1_rule
Found rule: SV-18671r1_rule
Found rule: SV-18673r1_rule
Found rule: SV-18675r1_rule
Found rule: SV-18677r1_rule
Found rule: SV-18679r1_rule
Found rule: SV-18681r1_rule
Found rule: SV-18683r1_rule
Found rule: SV-18685r1_rule
Found rule: SV-18687r1_rule
Found rule: SV-18689r1_rule
Found rule: SV-18708r1_rule
Found rule: SV-18710r1_rule
Found rule: SV-18712r1_rule
Found rule: SV-18729r1_rule
Found rule: SV-18731r1_rule
Found rule: SV-18735r1_rule
Found rule: SV-18743r1_rule
Found rule: SV-18749r1_rule
Found rule: SV-18752r1_rule
Found rule: SV-18766r1_rule
Found rule: SV-18775r3_rule
Found rule: SV-18779r3_rule
Found rule: SV-18838r1_rule
Found rule: SV-18840r1_rule
Found rule: SV-18842r1_rule
Found rule: SV-18844r1_rule
Found rule: SV-18846r1_rule
Found rule: SV-18848r1_rule
Found rule: SV-18850r1_rule
Found rule: SV-18852r1_rule
Found rule: SV-18910r1_rule
Found rule: SV-18912r1_rule
Found rule: SV-18916r2_rule
Found rule: SV-18918r1_rule
Found rule: SV-18920r1_rule
Found rule: SV-18935r1_rule
Found rule: SV-18946r1_rule
Found rule: SV-18948r1_rule
Found rule: SV-18950r2_rule
Found rule: SV-18958r1_rule
Found rule: SV-18960r1_rule
Found rule: SV-18962r1_rule
Found rule: SV-18964r1_rule
Found rule: SV-18970r1_rule
Found rule: SV-18978r1_rule
Found rule: SV-18980r1_rule
Found rule: SV-18985r1_rule
Found rule: SV-18988r1_rule
Found rule: SV-18990r1_rule
Found rule: SV-18992r1_rule
Found rule: SV-18995r1_rule
Found rule: SV-19005r1_rule
Found rule: SV-19010r1_rule
Found rule: SV-19012r1_rule
Found rule: SV-19014r1_rule
Found rule: SV-19018r1_rule
Found rule: SV-19023r1_rule
Found rule: SV-19026r1_rule
Found rule: SV-19028r1_rule
Found rule: SV-19030r1_rule
Found rule: SV-19032r1_rule
Found rule: SV-19038r1_rule
Found rule: SV-19040r1_rule
Found rule: SV-19042r1_rule
Found rule: SV-19050r1_rule
Found rule: SV-19435r1_rule
有人可以解释为什么当我在每个规则上调用 ReadInnerXml() 时缺少 SV-62707r1_rule 吗?更好的是,有人可以描述如何在不跳过其中一个的情况下获取所有规则元素的内部 XML 字符串吗?
当您查看 XML 文件 (U_MicrosoftOutlook2007_V4R13_Manual-xccdf.xml) 时,您会发现该代码附加了以下信息:
Criteria: If the value BlockExtContent is REG_DWORD = 1, this is not a finding.
Display external content and pictures in HTML eMail - Outlook.
Malicious e-mail senders can send HTML e-mail messages with embedded Web beacons, which are pictures and other content from external servers that can be used to track whether specific recipients open the message. Viewing an e-mail message that contains a Web beacon provides confirmation that the recipient's e-mail address is valid, which leaves the recipient vulnerable to additional spam and harmful e-mail. By default, Outlook does not download external content in HTML e-mail and RSS items unless the content is considered safe. Content that Outlook 2007 can be configured to consider safe includes:
• Content in e-mail messages from senders and to recipients defined in the Safe Senders and Safe Recipients lists.
• Content from Web sites in Internet Explorer's Trusted Sites security zone.
• Content in RSS items.
• Content from SharePoint Discussion Boards.
Users can control what content is considered safe by changing the options in the Automatic Download section of the Trust Center. If Outlook's default blocking configuration is overridden, in the Trust Center or by some other method, Outlook will display external content in all HTML e-mail messages, including any that include Web beacons.
你或许可以从这里找出问题所在。
在你的循环中,你在每次迭代时调用 reader.Read()。因此,当您点击 Rule 打开元素标签时,您会调用 reader.ReadInnerXml() 方法,该方法读取整个 Rule 元素,包括结束元素标签。紧接着你调用 reader.Read() 并跳过文档中的下一个节点,如果下一个节点是另一个 Rule 开放元素标签,那么你会错过它。作为简单的修复,您可以在第二个代码中将 if 更改为 while。