Nmap Development mailing list archives
Re: [Patch] Re: NMAP XML reports unreadable in linux
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 07 Jul 2006 03:34:09 +0000
On Thu, 2006-07-06 at 18:32 -0700, Fyodor wrote:
On Thu, Jul 06, 2006 at 11:57:17AM +0200, Eddie Bell wrote:Here is a patch against nmap-4.20ALPHA1 that adds a doctype to the xml and adds the <distance> tag to the dtd. It now validates.Thanks. Do you guys think it is important that we reference a DTD from the file? Will it make more applications work with the XML output? Or is it likely to cause more trouble than it is worth?
I always validate XML docs against a DTD but in general, it is totally unnecessary. I'd really like to see an option for adding the DOCTYPE because I always do it manually or with a script. The trouble with Nmap is that the XML output often evolves without the necessary changes being made to the DTD. Or as you pointed out, the DTD may evolve without users updating to the latest release. It's probably better to leave the DOCTYPE out by default.
I guess my concern is that it depends on the DTD existing in /usr/local/share/nmap/nmap.dtd , which is only true on the machine Nmap ran on. And in fact even that isn't ture on Windows or even on UNIX if the --prefix is changed or the RPM version is installed. Part of this could be fixed by using NMAP_DATA_DIR as is done for the stylesheet. But that won't help for the "viewd on another machine" case. For stylesheets, we offer the --stylesheet and --webxml to move them. I suppose we could have --webxml also point to the DTD at http://www.insecure.org/nmap/data/nmap.dtd . Though one issue is that the DTD there is always for the latest version of Nmap and may not match output produced by someone using an older version. Still, it might be better than using a filesystem path even if --webxml isn't specified. I don't really know enough about the different ways people uses these to really judge. What do you guys think would be best? Cheers, -F
Here's one compromise that comes to mind: We add a new option, say, --dtd. By default the DOCTYPE is not printed in the XML results. If --dtd is specified, Nmap prints the DOCTYPE with http://www.insecure.org/nmap/data/nmap.dtd. The --dtd could also take an optional argument to specify the path. I'm not sure how much trouble adding --dtd with an optional path would be but it seems like the best option. If this doesn't sound too objectionable I'd be happy to submit a patch in a few days. Brandon _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- NMAP XML reports unreadable in linux HG (Jul 05)
- Re: NMAP XML reports unreadable in linux Brandon Enright (Jul 05)
- Re: NMAP XML reports unreadable in linux HG (Jul 06)
- [Patch] Re: NMAP XML reports unreadable in linux Eddie Bell (Jul 06)
- Re: [Patch] Re: NMAP XML reports unreadable in linux Eddie Bell (Jul 06)
- Re: [Patch] Re: NMAP XML reports unreadable in linux HG (Jul 06)
- Re: [Patch] Re: NMAP XML reports unreadable in linux Fyodor (Jul 06)
- Re: [Patch] Re: NMAP XML reports unreadable in linux Brandon Enright (Jul 06)
- Re: [Patch] Re: NMAP XML reports unreadable in linux Adam Vartanian (Jul 06)
- Re: [Patch] Re: NMAP XML reports unreadable in linux Eddie Bell (Jul 07)
- Re: NMAP XML reports unreadable in linux HG (Jul 06)
- Re: NMAP XML reports unreadable in linux Brandon Enright (Jul 05)