-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vocab xsi:type is not preserved going round-trip (possible invalid XML) #203
Comments
When I first tried this, I was able to reproduce. I then updated |
When I ran the We don't:
You can manually set the |
I will mention this in #201 I don't think python-cybox should try to validate user strings. I do think python-cybox should pass the xsi:type along into the dictionary/JSON and object structures so developers can decide how to handle them. The new version handles this case; however, addressing #201 would fix the general case. Since updated output.json {
"id":"INSERT_PACKAGE_ID_HERE",
"ttps":{
"ttps":[
{
"id":"INSERT_TTP_ID_HERE",
"resources":{
"tools":[
{
"description":"Tool Description",
"name":"TTP Resource tool",
"type":[
"NIDS",
"SIM",
"Intelligence Service Platform"
],
"vendor":"Tool Vendor",
"version":"Tool Version"
}
]
},
"version":"1.1.1"
}
]
},
"version":"1.1.1"
} updated output.xml <stix:STIX_Package
xmlns:STIX_EDITOR="http://STIXDUDE.AWESOME"
xmlns:cyboxCommon="http://cybox.mitre.org/common-2"
xmlns:cybox="http://cybox.mitre.org/cybox-2"
xmlns:cyboxVocabs="http://cybox.mitre.org/default_vocabularies-2"
xmlns:ttp="http://stix.mitre.org/TTP-1"
xmlns:stixCommon="http://stix.mitre.org/common-1"
xmlns:stixVocabs="http://stix.mitre.org/default_vocabularies-1"
xmlns:stix="http://stix.mitre.org/stix-1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://cybox.mitre.org/common-2 http://cybox.mitre.org/XMLSchema/common/2.1/cybox_common.xsd
http://cybox.mitre.org/cybox-2 http://cybox.mitre.org/XMLSchema/core/2.1/cybox_core.xsd
http://cybox.mitre.org/default_vocabularies-2 http://cybox.mitre.org/XMLSchema/default_vocabularies/2.1/cybox_default_vocabularies.xsd
http://stix.mitre.org/TTP-1 http://stix.mitre.org/XMLSchema/ttp/1.1.1/ttp.xsd
http://stix.mitre.org/common-1 http://stix.mitre.org/XMLSchema/common/1.1.1/stix_common.xsd
http://stix.mitre.org/default_vocabularies-1 http://stix.mitre.org/XMLSchema/default_vocabularies/1.1.1/stix_default_vocabularies.xsd
http://stix.mitre.org/stix-1 http://stix.mitre.org/XMLSchema/core/1.1.1/stix_core.xsd" id="INSERT_PACKAGE_ID_HERE" version="1.1.1">
<stix:TTPs>
<stix:TTP id="INSERT_TTP_ID_HERE" xsi:type='ttp:TTPType' version="1.1.1">
<ttp:Resources>
<ttp:Tools>
<ttp:Tool>
<cyboxCommon:Name>TTP Resource tool</cyboxCommon:Name>
<cyboxCommon:Type xsi:type="cyboxVocabs:ToolTypeVocab-1.1">NIDS</cyboxCommon:Type>
<cyboxCommon:Type xsi:type="cyboxVocabs:ToolTypeVocab-1.1">SIM</cyboxCommon:Type>
<cyboxCommon:Type xsi:type="cyboxVocabs:ToolTypeVocab-1.1">Intelligence Service Platform</cyboxCommon:Type>
<cyboxCommon:Description>Tool Description</cyboxCommon:Description>
<cyboxCommon:Vendor>Tool Vendor</cyboxCommon:Vendor>
<cyboxCommon:Version>Tool Version</cyboxCommon:Version>
</ttp:Tool>
</ttp:Tools>
</ttp:Resources>
</stix:TTP>
</stix:TTPs>
</stix:STIX_Package> |
I haven't tried you calling the cybox parser separately but since this is a cyboxCommon element, I thought it should be mentioned here. I haven't tested with all vocab xsi:types but I have provided
cyboxCommon:Type
as an example. Addressing #201 may be helpful in solving this.input.xml
script.py
output.xml (invalid)
The text was updated successfully, but these errors were encountered: