我正在尝试解析 Burp Suite XML 导出。我使用过 Stax 解析器和 XPath 解析器。但我越来越
Location: /py/message/viewBill.pt [id parameter]]]></location>
<severity>High</severity>
<confidence>Certain</confidence>
<issueBackground><![CDATA[Reflected
javax.xml.stream.XMLStreamException: ParseError at [row,col]:[66,2357]
Message: The element type "location" must be terminated by the matching end-tag "< /location>".
at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.next(XMLStreamReaderImpl.java:604)
at com.sun.xml.internal.stream.XMLEventReaderImpl.nextEvent(XMLEventReaderImpl.java:83)
总是出错。尽管有结束标记,但解析器找不到它。我的代码是:
XMLInputFactory factory = XMLInputFactory.newInstance();
XMLEventReader eventReader = factory.createXMLEventReader(new StringReader(str));
while (eventReader.hasNext()) {
XMLEvent event = eventReader.nextEvent();
switch (event.getEventType()) {
case XMLStreamConstants.START_ELEMENT:
StartElement startElement = event.asStartElement();
String qName = startElement.getName().getLocalPart();
if (qName.equalsIgnoreCase(ISSUES)) {
issues = true;
} else if (qName.equalsIgnoreCase(ISSUE)) {
issue = true;
} else if (qName.equalsIgnoreCase(NAME)) {
name = true;
} else if (qName.equalsIgnoreCase(HOST)) {
host = true;
} else if (qName.equalsIgnoreCase(PATH)) {
path = true;
} else if (qName.equalsIgnoreCase(LOCATION)) {
location = true;
} else if (qName.equalsIgnoreCase(SEVERITY)) {
severity = true;
}
break;
case XMLStreamConstants.CHARACTERS:
Characters characters = event.asCharacters();
if (name) {
System.out.println("Name: " + characters.getData());
name = false;
} else if (host) {
System.out.println("Host: " + characters.getData());
host = false;
} else if (path) {
System.out.println("Path: " + characters.getData());
path = false;
} else if (location) {
System.out.println("Location: " + characters.getData());
location = false;
} else if (severity) {
System.out.println("severity: " + characters.getData());
severity = false;
}
break;
case XMLStreamConstants.END_ELEMENT:
EndElement endElement = event.asEndElement();
String endElementName = endElement.getName().getLocalPart();
if (endElementName.equalsIgnoreCase(ISSUE)) {
issue = false;
} else if (endElementName.equalsIgnoreCase(NAME)) {
name = false;
} else if (endElementName.equalsIgnoreCase(HOST)) {
host = false;
} else if (endElementName.equalsIgnoreCase(PATH)) {
path = false;
} else if (endElementName.equalsIgnoreCase(LOCATION)) {
location = false;
}
break;
}
}
我正在尝试解析我在 https://github.com/mtesauro/parse-tools/blob/master/examples/brief-burp-export.xml 上找到的报告.
有人可以给一些建议吗?
最佳答案
我大胆猜测这是 XML 解析器中的一个错误。具体来说,我怀疑它没有识别]]]>
第 63 行作为 CDATA 部分的终止,因此它继续认为它位于 CDATA 中,直到 ]]>
在第 66 行末尾,此时它找到了结束标记 </issueBackground>
它在哪里寻找 </location>
。向 XML 解析器的供应商提出请求,或者改用有效的解析器。
关于java - 使用 Stax 解析器解析 XML 1.1 文档时出现错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59681429/