Hey there,

We're making use of PHPIDS and love it so far. However, we just ran into an issue where it doesn't seem to like the XML we're consuming for our webservices. I ran it through the web service for an impact of 35.

<RESPONSE_GROUP MISMOVersionID="2.4">
<RESPONSE>
<Key _Name="AppraisalID" _Value="199" />
<RESPONSE_DATA>
<VALUATION_RESPONSE MISMOVersionID="2.4" >
<EMBEDDED_FILE _ID="5" _TYPE= "3" MIMEType="applications/pdf" _Name="Purchase_Agreement.pdf" _EncodingType="Base64">
<DOCUMENT><![CDATA[YWFhYWE=]]></DOCUMENT>
</EMBEDDED_FILE>


<CONDITIONS>
<CONDITION SeqID="55"/>
</CONDITIONS>
</VALUATION_RESPONSE>
</RESPONSE_DATA>
</RESPONSE>
</RESPONSE_GROUP>

Ooops, forgot the rest of my question.

Should I add the url for our webservice to the exception list, or is there a better way to handle this?

Thanks!

We have no possibility to work with arbitrary XML right now - way too application specific what could be done by an attacker. HTML yes, JSON too - but XML so far no. Exception list would be best - or a little pre-treatment of this data before sending it to the PHPIDS to have it just contain the relevant data w/o structural info.

Greetings,
.mario