public void SafeLoadXmlFromPath_can_load_xml_without_entities() { var filePath = Path.GetTempFileName(); File.WriteAllText(filePath, "<entity-framework />"); var xmlDoc = EdmUtils.SafeLoadXmlFromPath(filePath); Assert.NotNull(xmlDoc); Assert.Equal("entity-framework", xmlDoc.DocumentElement.Name); }
public void SafeLoadXmlFromPath_throws_if_xml_contains_entities() { var filePath = Path.GetTempFileName(); File.WriteAllText(filePath, "<!ENTITY network \"network\">\n<entity-framework>&network;</entity-framework>"); var message = Assert.Throws <XmlException>( () => EdmUtils.SafeLoadXmlFromPath(filePath)).Message; Assert.Contains("DTD", message); Assert.Contains("DtdProcessing", message); Assert.Contains("Parse", message); }
// protected virtual to allow mocking protected virtual XmlDocument SafeLoadXmlFromPath(string filePath) { Debug.Assert(!string.IsNullOrWhiteSpace(filePath), "Invalid filePath"); return(EdmUtils.SafeLoadXmlFromPath(filePath, preserveWhitespace: true)); }