aboutsummaryrefslogtreecommitdiffstats
path: root/tests/unit/XmlRpcTest.php
Commit message (Collapse)AuthorAgeFilesLines
* Switch to useing XMLReader to parse XML payloads.Harald Eilertsen2024-07-071-0/+23
| | | | | | | | | | | | | | XMLParser would expand entities by default, which could make us susceptible both to XXE attacks, and the billion laughs attack. By default XMLReader does _not_ expand entities, so it's a safer choice. This also changes the XmlRpcMethod::parse() function to throw a runtime exception if the XML payload could not be parsed, and to return null if the payload does not contain a valid <methodName> element. In cases where we're unable to parse the payload as a valid XML-RPC request, we fall back to saving the full request info as before.
* Add class for representing XML-RPC payloads.Harald Eilertsen2024-07-061-0/+26