diff --git a/src/AssemblyInfo.Csv.Core.fs b/src/AssemblyInfo.Csv.Core.fs index e5282ab0e..888e73cc7 100644 --- a/src/AssemblyInfo.Csv.Core.fs +++ b/src/AssemblyInfo.Csv.Core.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.Csv.Core" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.Csv.Core" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.DesignTime.fs b/src/AssemblyInfo.DesignTime.fs index 1c6932de9..3aad23dfc 100644 --- a/src/AssemblyInfo.DesignTime.fs +++ b/src/AssemblyInfo.DesignTime.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.DesignTime" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.DesignTime" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.Html.Core.fs b/src/AssemblyInfo.Html.Core.fs index 6d9977aa8..c5af74d43 100644 --- a/src/AssemblyInfo.Html.Core.fs +++ b/src/AssemblyInfo.Html.Core.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.Html.Core" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.Html.Core" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.Http.fs b/src/AssemblyInfo.Http.fs index e7bf4bb51..d622309cb 100644 --- a/src/AssemblyInfo.Http.fs +++ b/src/AssemblyInfo.Http.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.Http" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.Http" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.Json.Core.fs b/src/AssemblyInfo.Json.Core.fs index dc058f775..b9c0ebccb 100644 --- a/src/AssemblyInfo.Json.Core.fs +++ b/src/AssemblyInfo.Json.Core.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.Json.Core" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.Json.Core" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.Runtime.Utilities.fs b/src/AssemblyInfo.Runtime.Utilities.fs index 3005f3d95..6369e3d64 100644 --- a/src/AssemblyInfo.Runtime.Utilities.fs +++ b/src/AssemblyInfo.Runtime.Utilities.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.Runtime.Utilities" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.Runtime.Utilities" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.WorldBank.Core.fs b/src/AssemblyInfo.WorldBank.Core.fs index 7cf434b3d..17eaa1171 100644 --- a/src/AssemblyInfo.WorldBank.Core.fs +++ b/src/AssemblyInfo.WorldBank.Core.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.WorldBank.Core" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.WorldBank.Core" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.Xml.Core.fs b/src/AssemblyInfo.Xml.Core.fs index 6ee2e054b..8f71377c6 100644 --- a/src/AssemblyInfo.Xml.Core.fs +++ b/src/AssemblyInfo.Xml.Core.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data.Xml.Core" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data.Xml.Core" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/AssemblyInfo.fs b/src/AssemblyInfo.fs index fa95cbef3..6f77a7564 100644 --- a/src/AssemblyInfo.fs +++ b/src/AssemblyInfo.fs @@ -1,5 +1,6 @@ // Auto-Generated by FAKE; do not edit namespace System + open System.Reflection [] @@ -10,8 +11,17 @@ open System.Reflection do () module internal AssemblyVersionInformation = - let [] AssemblyTitle = "FSharp.Data" - let [] AssemblyProduct = "FSharp.Data" - let [] AssemblyDescription = "Library of F# type providers and data access tools" - let [] AssemblyVersion = "6.6.0.0" - let [] AssemblyFileVersion = "6.6.0.0" + [] + let AssemblyTitle = "FSharp.Data" + + [] + let AssemblyProduct = "FSharp.Data" + + [] + let AssemblyDescription = "Library of F# type providers and data access tools" + + [] + let AssemblyVersion = "6.6.0.0" + + [] + let AssemblyFileVersion = "6.6.0.0" diff --git a/src/FSharp.Data.Xml.Core/XmlRuntime.fs b/src/FSharp.Data.Xml.Core/XmlRuntime.fs index 537a4d6af..23c76ff7c 100644 --- a/src/FSharp.Data.Xml.Core/XmlRuntime.fs +++ b/src/FSharp.Data.Xml.Core/XmlRuntime.fs @@ -6,7 +6,6 @@ namespace FSharp.Data.Runtime.BaseTypes open System.ComponentModel open System.IO -open System.Xml open System.Xml.Linq #nowarn "10001" @@ -57,16 +56,7 @@ type XmlElement = IsError = false)>] static member Create(reader: TextReader) = use reader = reader - // Secure XML parsing: disable DTD processing and external entities to prevent XXE attacks - let xmlReaderSettings = - new XmlReaderSettings( - DtdProcessing = DtdProcessing.Prohibit, - XmlResolver = null, - MaxCharactersFromEntities = 1024L * 1024L - ) // 1MB limit - - use xmlReader = XmlReader.Create(reader, xmlReaderSettings) - let element = XDocument.Load(xmlReader, LoadOptions.PreserveWhitespace).Root + let element = XDocument.Load(reader, LoadOptions.PreserveWhitespace).Root { XElement = element } /// @@ -79,26 +69,12 @@ type XmlElement = use reader = reader let text = reader.ReadToEnd() - // Secure XML parsing: disable DTD processing and external entities to prevent XXE attacks - let xmlReaderSettings = - new XmlReaderSettings( - DtdProcessing = DtdProcessing.Prohibit, - XmlResolver = null, - MaxCharactersFromEntities = 1024L * 1024L - ) // 1MB limit - try - use stringReader = new StringReader(text) - use xmlReader = XmlReader.Create(stringReader, xmlReaderSettings) - - XDocument.Load(xmlReader, LoadOptions.PreserveWhitespace).Root.Elements() + XDocument.Parse(text, LoadOptions.PreserveWhitespace).Root.Elements() |> Seq.map (fun value -> { XElement = value }) |> Seq.toArray with _ when text.TrimStart().StartsWith "<" -> - use stringReader = new StringReader("" + text + "") - use xmlReader = XmlReader.Create(stringReader, xmlReaderSettings) - - XDocument.Load(xmlReader, LoadOptions.PreserveWhitespace).Root.Elements() + XDocument.Parse("" + text + "", LoadOptions.PreserveWhitespace).Root.Elements() |> Seq.map (fun value -> { XElement = value }) |> Seq.toArray