demo/validator
1
0
Fork 0
mirror of https://github.com/itplr-kosit/validator.git synced 2026-05-25 16:55:39 +00:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: demo:93a64223b8d705867794542aab0c459f5c2c6b7a
Branches Tags
demo:main
demo:release/1.6.x
demo:release/1.5.x
demo:dependabot/npm_and_yarn/server/ui/postcss-8.4.31
demo:dependabot/npm_and_yarn/server/ui/word-wrap-1.2.4
demo:dependabot/npm_and_yarn/server/ui/semver-5.7.2
demo:v1.6.2
demo:v1.6.1
demo:v1.6.0
demo:v1.5.2
demo:v1.5.1
demo:v1.5.0
demo:v1.4.2
demo:v1.4.1
demo:v1.4.0
demo:v1.3.1
demo:v1.3.0
demo:v1.2.1
demo:v1.2.0
demo:v1.1.3
demo:v1.1.2
demo:v1.1.1
demo:v1.1.0
demo:validationtool-1_0_1
demo:v1.0.0
...
compare: demo:705b0b2501e8bd14e458c437de6e7472eee412db
Branches Tags
demo:main
demo:release/1.6.x
demo:release/1.5.x
demo:dependabot/npm_and_yarn/server/ui/postcss-8.4.31
demo:dependabot/npm_and_yarn/server/ui/word-wrap-1.2.4
demo:dependabot/npm_and_yarn/server/ui/semver-5.7.2
demo:v1.6.2
demo:v1.6.1
demo:v1.6.0
demo:v1.5.2
demo:v1.5.1
demo:v1.5.0
demo:v1.4.2
demo:v1.4.1
demo:v1.4.0
demo:v1.3.1
demo:v1.3.0
demo:v1.2.1
demo:v1.2.0
demo:v1.1.3
demo:v1.1.2
demo:v1.1.1
demo:v1.1.0
demo:validationtool-1_0_1
demo:v1.0.0

2 commits
93a64223b8 ... 705b0b2501

Author SHA1 Message Date
Philip Helger
705b0b2501 Updated examples + links 2025-09-10 14:52:29 +02:00
yunussozeri
1ed9377b83
Update links to source code to current locations 
The links were old and not redirecting to the correct location
 2025-09-08 14:43:51 +02:00
2 changed files with 26 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

17
README.md
View file

@ -25,13 +25,16 @@ The Validator is just an engine and does not know anything about XML documents a
Validation rules and details are defined in [validation scenarios](docs/configurations.md) which are used to fully configure the validation process.
All configurations are self-contained modules which are deployed and developed on their own.
### Third party validation configurations
### Example validation configurations
Here are two public third party validation configurations available which might serve as examples:
Here are some public validation configurations:
* Validation Configuration for [XRechnung](http://www.xoev.de/de/xrechnung):
* Validation Configuration for [XRechnung](https://xeinkauf.de/xrechnung/):
* Source code is available on [GitHub](https://github.com/itplr-kosit/validator-configuration-xrechnung)
* [Releases](https://github.com/itplr-kosit/validator-configuration-xrechnung/releases) can also be downloaded
* Validation Configuration for [Peppol BIS Billing](docs.peppol.eu/poacc/billing/3.0/):
* Source code is available on [GitHub](https://github.com/itplr-kosit/validator-configuration-bis)
* [Releases](https://github.com/itplr-kosit/validator-configuration-bis/releases) can also be downloaded
* Validation Configuration for [XGewerbeanzeige](https://xgewerbeanzeige.de/)
* Source code is available on [GitHub](https://github.com/itplr-kosit/validator-configuration-xgewerbeanzeige)
* [Releases](https://github.com/itplr-kosit/validator-configuration-xgewerbeanzeige/releases) can also be downloaded
@ -42,7 +45,7 @@ The Validator can be used in three different ways:
* as standalone application running from the CLI
* as library embedded within a custom application
* as a daemon providing a http interface
* as a daemon providing an http interface
### Standalone Command Line Interface (CLI)
@ -51,7 +54,7 @@ The Validator can be used in three different ways:
The general way using the CLI is:
```shell
java -jar validator-<version>-standalone.jar -s <scenario-config-file> -r <repository-path>
java -jar validator-<version>-standalone.jar -s <scenario-config-file> [-r <repository-path>]
[OPTIONS] [FILE] [FILE] [FILE] ...
```
@ -61,8 +64,8 @@ The help option displays further CLI options to customize the process:
java -jar validator-<version>-standalone.jar --help
```
A concrete example with a specific validator configuration can be found on
[GitHub](https://github.com/itplr-kosit/validator-configuration-xrechnung)
A concrete example with a specific Validator configuration can be found on
[validator-configuration-bis](https://github.com/itplr-kosit/validator-configuration-bis)
The [CLI documentation](./docs/cli.md) shows further configuration options.

29
docs/api.md
View file

@ -92,25 +92,26 @@ public class StandardExample {
```
The `Result` interface has convenience methods to retrieve details about XSD validation errors and Schematron messages and other processing results. See
[Result.java](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/Result.java) for details.
[Result.java](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/Result.java) for details.
Initializing all XML artifacts and XSLT-executables is expensive. The `Check` instance is *threadsafe* and keeps all artifacts. Therefore,
we recommend the re-use of a `Check` instance.
Beside the validator's configuration the only input are instances of [Input](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/Input.java)
which can be created by various methods of the [InputFactory](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/InputFactory.java).
The [InputFactory](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/InputFactory.java)
Beside the validator's configuration the only input are instances of [Input](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/Input.java)
which can be created by various methods of the [InputFactory](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/InputFactory.java).
The [InputFactory](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/InputFactory.java)
calculates a hash sum for each Input which is also written to the Report. _SHA-256_ from the JDK is the default algorithm.
It can be changed using other `read`-methods of [InputFactory](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/InputFactory.java).
It can be changed using other `read`-methods of [InputFactory](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/InputFactory.java).
The main interface [Check.java](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/Check.java)
allows using a batch interface (processing list of [Inputs](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/Input.java)).
The main interface [Check.java](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/Check.java)
allows using a batch interface (processing list of [Inputs](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/Input.java)).
However, there is no parallel processing implemented at the moment.
## Accept Recommendation and Accept Match
A tri-state object [AcceptRecommendation](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/AcceptRecommendation.java)
can be retrieved from the [Result](https://github.com/itplr-kosit/validator/blob/master/src/main/java/de/kosit/validationtool/api/Result.java) using `getAcceptRecommendation()`.
A tri-state object [AcceptRecommendation](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/AcceptRecommendation.java)
can be retrieved from the [Result](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/api/Result.java) using `getAcceptRecommendation()`.
The three defined states are:
@ -195,15 +196,15 @@ When using XML related technologies you are supposed to handle certain security
* allows loading/resolving only from a configured local content repository (a specific folder)
* tries to prevent known XML security issues (see [OWASP XML_Security_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_Security_Cheat_Sheet.html))
However, you can configure certain aspects related to resolving and security yourself. The validator uses a single interface for accessing or creating the necessary XML API objects like `SchemaFactory`, `Validator`,`URIResolver` or `Processor`: [ResolvingConfigurationStrategy.java](https://github.com/itplr-kosit/validator/tree/master/src/main/java/de/kosit/validationtool/api/ResolvingConfigurationStrategy.java)
However, you can configure certain aspects related to resolving and security yourself. The validator uses a single interface for accessing or creating the necessary XML API objects like `SchemaFactory`, `Validator`,`URIResolver` or `Processor`: [ResolvingConfigurationStrategy.java](https://github.com/itplr-kosit/validator/tree/main/src/main/java/de/kosit/validationtool/api/ResolvingConfigurationStrategy.java)
There are 3 implementations available out of the box:
1. [StrictRelativeResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/master/src/main/java/de/kosit/validationtool/impl/xml/StrictRelativeResolvingStrategy.java)
1. [StrictRelativeResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/main/src/main/java/de/kosit/validationtool/impl/xml/StrictRelativeResolvingStrategy.java)
which is the **default**, prevents known XML attacks and only allows loading from a specific local repository location
1. [StrictLocalResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/master/src/main/java/de/kosit/validationtool/impl/xml/StrictLocalResolvingStrategy.java)
1. [StrictLocalResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/main/src/main/java/de/kosit/validationtool/impl/xml/StrictLocalResolvingStrategy.java)
which opens the first strategy to load resources from local locations
1. [RemoteResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/master/src/main/java/de/kosit/validationtool/impl/xml/RemoteResolvingStrategy.java)
1. [RemoteResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/main/src/main/java/de/kosit/validationtool/impl/xml/RemoteResolvingStrategy.java)
which further opens the second to load resources also from remote locations via http and https
You can configure usage of one of these implementations using the `ResolvingMode` via
@ -222,6 +223,6 @@ final Configuration config = Configuration.load(URI.create("myscenarios.xml"))
---
:warning: **Attention:** If you decide to implement a custom strategy you need to handle XML security risks on your own. Please make sure, that you prevent XXE and other kind of attacks. Consider using [BaseResolvingStrategy.java](https://github.com/itplr-kosit/validator/tree/master/src/main/java/de/kosit/validationtool/impl/xml/BaseResolvingStrategy.java) and the protected methods within to disable certain features.
:warning: **Attention:** If you decide to implement a custom strategy you need to handle XML security risks on your own. Please make sure, that you prevent XXE and other kind of attacks. Consider using [BaseResolvingStrategy.java](https://github.com/itplr-kosit/validator/blob/main/src/main/java/de/kosit/validationtool/impl/xml/BaseResolvingStrategy.java) and the protected methods within to disable certain features.
---