
What are the basic syntaxes for xPath injection?

王林
2023-05-26 12:01:54

First of all, what is XPath? XPath is a language for finding information in XML documents.

XPath defines seven types of nodes: element, attribute, text, namespace, processing-instruction, comment and document (root) nodes. An XML document is parsed as a document tree, and the root of that tree is called the document node or root node.


The sample is a basic XML document. In it, bookstore is the document node (root node), and book, title, author, year and price are element nodes. The book node has four child element nodes: title, author, year and price, and the title node has three siblings: author, year and price. The title element node has an attribute node and a text node. The attribute node is lang and its value is en. The value of the text node is HarryPotter.

The relationships between XML nodes are described below (they are similar to trees in data structures):

Parent: The parent of the book node is bookstore, and the book node is the parent of the title, author, year and price nodes. (Each node can have only one parent.)

Child: book is a child of bookstore, and the children of the book node are title, author, year and price. (Element nodes can have zero, one or more children.)

Sibling: The siblings of the title element are author, year and price. These elements have the same parent node, like sibling nodes in a tree structure. (Nodes can have zero, one or more siblings.)

Ancestors: a node's parent, the parent's parent, and so on up the tree. The ancestors of the title element node are book and bookstore.

Descendants: a node's children, the children's children, and so on down the tree. The descendants of the bookstore document node are book, title, author, year, price, lang.

Knowing the node relationships of XML is not enough. You also need to know how the document is queried. XPath uses path expressions to select nodes or node sets in an XML document. Nodes are selected by following a path or steps. The most useful path expressions are listed below:

nodename: selects all child nodes of the named node

/: selects from the root node

//: selects nodes in the document that match the selection, starting from the current node, regardless of their position

.: selects the current node

..: selects the parent node of the current node

@: selects attributes

Let's run XPath queries directly from JS.

First write an HTML template that makes the XPath call (the calling code is written in JS), and then prepare an XML file to query.

The source code of the JS template is here:

https://www.runoob.com/try/try.php?filename=try_xpath_select_cdnodes

Let's go through the JS code in this HTML file piece by piece (the file contains only JS code).


This is an asynchronous calling function in JS. The important code is on lines 15 and 17. The dname argument passed to the function on line 15 is the path of the XML file, and line 17 returns the XML file that was fetched.


See line 20: the variable xml holds the XML file returned by the loadXMLDOC function. The path variable on line 21 is the XPath query expression. The first if statement checks whether the browser is IE6 or below. If it is, the node array for the query is obtained, and the values in the array are traversed and output to the page.


The second if statement follows the same execution process for browsers other than IE6 and below, but the syntax is slightly different. These browsers query through the evaluate function, and the call format is basically fixed. Let's practice the syntax just mentioned.

Query syntax replacement only requires modifying the value of path.


First, here are the expressions to be queried:

Note: If the path starts with a forward slash (/), it always represents an absolute path to an element!

bookstore: Select all child nodes of the bookstore element.

/bookstore: Select the root element bookstore.

bookstore/book: Selects all book elements that are child elements of bookstore.

//book: Selects all book child elements regardless of their position in the document.

bookstore//book: Selects all book elements that are descendants of the bookstore element, regardless of where they are below bookstore.

//@lang: Select all attributes named lang.

These simple queries alone may not yield the expected results, so they need to be combined with other query syntax. The following syntax can be used together with them:

Predicates (written in square brackets, used to obtain more precise query results):

/bookstore/book[1]: Selects the first book element that is a child element of bookstore.

/bookstore/book[last()]: Select the last book element that is a child element of bookstore.

/bookstore/book[last()-1]: Select the penultimate book element that is a child element of bookstore.

/bookstore/book[position()

//title[@lang]: Selects all title elements with an attribute named lang.

//title[@lang='eng']: Selects all title elements that have a lang attribute with a value of eng.

/bookstore/book[price>35.00]: Selects all book elements of the bookstore element whose price element has a value greater than 35.00.

/bookstore/book[price>35.00]/title: Selects all title elements of the book elements in the bookstore element whose price element has a value greater than 35.00.

Select unknown nodes:

*: Match any element node.

@*: Match any attribute node.

node(): Matches any type of node.

For example:

/bookstore/*: Select all child elements of the bookstore element.

//*: Select all elements in the document.

//title[@*]: Select all title elements with attributes.

Select several paths:

//book/title | //book/price: Select all title and price elements of the book element.

//title | //price: Select all title and price elements in the document.

/bookstore/book/title | //price: Select all title elements belonging to the book element of the bookstore element, and all price elements in the document.

Here are a few query examples:

Query the title value of the second book: /bookstore/book[1]/title


Query the title value of all books: /bookstore/book//title


Query the value of all titles with the lang attribute: /bookstore/book//title[@lang]
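The path expressions and predicates listed above can be checked offline. The following is an added example, not code from the original article: it uses Python's standard xml.etree.ElementTree, which implements only a subset of XPath, against a constructed bookstore document. The helper names (select, texts, titles_over, titles_by_lang) and all book data other than lang="en" and HarryPotter are assumptions. Because a predicate value is part of the expression text, titles_by_lang validates the value before building //title[@lang='...'].

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample. Only the bookstore/book layout, lang="en" and the
# title text "HarryPotter" come from the article; other values are made up.
SAMPLE = """<bookstore>
  <book><title lang="en">HarryPotter</title>
    <author>Author A</author><year>2005</year><price>29.99</price></book>
  <book><title lang="en">Learning XML</title>
    <author>Author B</author><year>2003</year><price>39.95</price></book>
  <book><title>Untagged Notes</title>
    <author>Author C</author><year>2001</year><price>49.99</price></book>
</bookstore>"""
ROOT = ET.fromstring(SAMPLE)  # the bookstore element

def select(path):
    """Evaluate one of the article's paths against the sample document."""
    # ElementTree paths are relative to an element, so map the absolute
    # "/bookstore..." and "//..." forms onto the root element.
    if path.startswith("//"):
        path = "." + path
    elif path.startswith("/bookstore"):
        path = "." + path[len("/bookstore"):]
    return ROOT.findall(path)

def texts(path):
    return [node.text for node in select(path)]

def titles_over(limit):
    # ElementTree's XPath subset has no numeric comparison, so the
    # /bookstore/book[price>35.00]/title predicate is applied in Python.
    return [b.findtext("title") for b in select("/bookstore/book")
            if float(b.findtext("price")) > limit]

LANG_RE = re.compile(r"[A-Za-z]{2,8}(-[A-Za-z0-9]{1,8})*")

def titles_by_lang(lang):
    """Build //title[@lang='...'] only from a value that passed validation."""
    # The value becomes part of the expression text, so restrict it to a
    # language-tag shape before it is placed between the quotes.
    if not LANG_RE.fullmatch(lang):
        raise ValueError("rejected lang value: %r" % (lang,))
    return texts("//title[@lang='%s']" % lang)

if __name__ == "__main__":
    for p in ("/bookstore/book[1]/title", "/bookstore/book[last()-1]/title",
              "/bookstore/book//title", "//title[@lang]"):
        print(p, "->", texts(p))
    print(titles_over(35.00), titles_by_lang("en"))
```

ElementTree follows the W3C rule that positions start at 1, so book[1] here is the first book, as in the predicate list above.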



Statement: This article is reproduced from yisu.com. If there is any infringement, please contact admin@php.cn to have it deleted.