[Solved] XmlException: For security reasons DTD is prohibited in this XML document in ASP.Net Core Web API

pandeygolu4200
 
on Apr 12, 2022 03:34 AM
1271 Views

Hi,

I am trying to read rss feed from a url but when i read, it is throwing a below error. 

I have Google many solutions and try various methods but did nothing works for me.

Tried below line, but getting same error.

System.Xml.XmlException: For security reasons DTD is prohibited in this XML document. To enable DTD processing set the DtdProcessing property on XmlReaderSettings to Parse and pass the settings into XmlReader.Create method.
   at System.Xml.XmlTextReaderImpl.Throw(Exception e)
   at System.Xml.XmlTextReaderImpl.ParseDoctypeDecl()
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlReader.MoveToContent()
   at System.Xml.XmlReader.IsStartElement(String localname, String ns)
   at System.ServiceModel.Syndication.Rss20FeedFormatter.CanRead(XmlReader reader)
   at System.ServiceModel.Syndication.Rss20FeedFormatter.ReadFrom(XmlReader reader)
   at PatientManagement.Api.Controllers.NewsController.NewsReader() in D:\Projects\Khalid\PatientManagement\Khalid_Ai_Araimi\Controllers\NewsController.cs:line 48
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using PatientManagement.Core.Entities;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Syndication;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using System.Xml;
using System.Xml.Linq;

namespace PatientManagement.Api.Controllers
{
    [Route("api/News")]
    public class NewsController : ControllerBase
    {
        [HttpGet, Route("Newslist")]
        
        public async Task<IActionResult> NewsReader()
        {
            List<Feed> feeds = new List<Feed>();
           string url = "https://gh.bmj.com/pages/rss-feeds/";
            //string url = "https://medlineplus.gov/rss.html";
            XmlReaderSettings settings = new XmlReaderSettings();
            settings.DtdProcessing = DtdProcessing.Prohibit;
            settings.ValidationType = ValidationType.None;
            settings.ProhibitDtd = false;
           
            settings.MaxCharactersFromEntities = 1024;

            XDocument xDoc = new XDocument();
            xDoc = XDocument.Load(url);
            XmlDocument doc = new XmlDocument();
           
            XmlReader reader = XmlReader.Create(url);
            ////SyndicationFeed feed = SyndicationFeed.Load(reader);
            ////reader.Close();
            ////foreach (SyndicationItem item in feed.Items)
            ////{
            ////    String subject = item.Title.Text;
            ////    String summary = item.Summary.Text;

            ////}
          
            Rss20FeedFormatter formatter =
            new Rss20FeedFormatter();
            formatter.ReadFrom(reader);
            reader.Close();
            String subject = formatter.Feed.Title.Text;
            String summary = formatter.Feed.Copyright.Text;
            formatter.Feed.Items.Single();

            // formatter.Feed.Items.Single().lin;

            return Ok(feeds);
        }
    }
}

 

 

Download FREE API for Word, Excel and PDF in ASP.Net: Download
dharmendr
 
on Apr 13, 2022 12:36 AM
on Apr 13, 2022 12:36 AM
pandeygolu4200 says:
settings.ProhibitDtd = false;

settings.ProhibitDtd is deprecated.

You have to remove the line.

If still you get error refer below links.

https://www.assistmyteam.com/kb/workaround-on-error-for-security-reasons-dtd-is-prohibited-in-this-xml-document/

https://www.koskila.net/fixing-security-reasons-dtd-prohibited-xml-document-issue/