A few comments from eyeballing the patch:
- Depending upon how much c14n functionality there is to be, this might be better off as a standalone extension. This way it wouldn't be dependant upon DOM (especially if PHP is built without it) and allow it to work with simplexml alone. Take xsl for example (although it requires dom to output a dom document, it allows processing via simplexml input - as simplexml has no concept of a document i allow any simplexml element to be used that has a document and just use the document from that node.
- Looking at the patch, you may want to change the optional node argument to an array so that multiple nodes can be used for the visibility test
- node needs to be initialized to NULL other wise if none is passed it most likely will crash. that being said, if none is passed in you should probably test and use xmlC14NDocSaveTo as it will run much faster as no callback would need to be run.
- no need to dupe the xml output buffer content and then dupe it again when creating a zval. would dupe the output buffer straight into the zval.
- str_inclusive_ns parameter is st as a string. This however needs to allow to a list of strings since inclusive_ns_prefixes is a xmlChar ** which will be iterated to get all the prefixes.
Thats pretty much what jumped out at me as I mentioned I have only looked at the patch and havent played with it.
If you are really looking at implementing the xml-security specs, you might want to think about just creating an extension from the xmlsec library. Developng xmlsec is very complicated (just check out the libxml mailing list as this has been brought up before and people are always steered to the xmlsec library). I had started a while back working on an extension for this, but other than some early layout code I haven't found the time to work on it, so before diving in trying to write it from scratch you might want to check out that library.
http://www.aleksey.com/xmlsec/
Rob
David Kingma | jool.nl wrote:
Hi Rob / Chregu,
As a first (small) step to implementing xml-security specs (dig-sign, encryption) I created a patch against HEAD to expose (exclusive-)C14n functionality from libxml2. I allows you to canonize a single node (with it's children) or a whole document, with or without comments, exclusive or not. I also created a small test file to show it's functionality. Could you please review the patch or else commit it (if it's ok with everybody)?
Thanks
David
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
