XmlReaderSettings.Schemas Property


Gets or sets the XmlSchemaSet to use when performing schema validation.

Namespace:   System.Xml
Assembly:  System.Xml (in System.Xml.dll)

Public Property Schemas As XmlSchemaSet

Property Value

Type: System.Xml.Schema.XmlSchemaSet

The XmlSchemaSet to use when performing schema validation. The default is an empty XmlSchemaSet object.

System_CAPS_security Security Note
  • Do not use schemas from unknown or untrusted sources or locations. Doing so will compromise the security of your code.

  • XML schemas (including inline schemas) are inherently vulnerable to denial of service attacks; do not accept them in untrusted scenarios.

  • Schema validation error messages and exceptions may expose sensitive information about the content model or URI paths to the schema file. Be careful not to expose this information to untrusted callers.

  • For additional information, see the "Security considerations" section.

The XmlSchemaSet class only supports XML Schema definition language (XSD) schemas. XmlReader instances created by the Create method cannot be configured to enable XML-Data Reduced (XDR) schema validation.

  • Do not use schemas from unknown or untrusted sources. Doing so will compromise the security of your code. The XmlUrlResolver class is used to resolve external schemas by default. To disable resolution of include, import, and redefine elements of a schema, set the XmlSchemaSet.XmlResolver property to null.

  • Exceptions raised as a result of using the XmlSchemaSet class, such as the XmlSchemaException class may contain sensitive information that should not be exposed in untrusted scenarios. For example, the SourceUri property of an XmlSchemaException returns the URI path to the schema file that caused the exception. The SourceUri property should not be exposed in untrusted scenarios. Exceptions should be properly handled so that this sensitive information is not exposed in untrusted scenarios.

The example below uses the XmlReaderSettings object and the XmlReader.Create method to associate a schema with an XML document. The schema is added to the Schemas property of the XmlReaderSettings object. The value of the Schemas property is an XmlSchemaSet object. The schema is used to validate that the XML document conforms to the schema content model. Schema validation errors and warnings are handled by the ValidationEventHandler defined in the XmlReaderSettings object.

Imports System
Imports System.Xml
Imports System.Xml.Schema

Class XmlSchemaSetExample

    Shared Sub Main()

        Dim booksSettings As XmlReaderSettings = New XmlReaderSettings()
        booksSettings.Schemas.Add("http://www.contoso.com/books", "books.xsd")
        booksSettings.ValidationType = ValidationType.Schema
        AddHandler booksSettings.ValidationEventHandler, New ValidationEventHandler(AddressOf booksSettingsValidationEventHandler)

        Dim books As XmlReader = XmlReader.Create("books.xml", booksSettings)

        While books.Read()

        End While

    End Sub

    Shared Sub booksSettingsValidationEventHandler(ByVal sender As Object, ByVal e As ValidationEventArgs)

        If e.Severity = XmlSeverityType.Warning Then
            Console.Write("WARNING: ")

        ElseIf e.Severity = XmlSeverityType.Error Then
            Console.Write("ERROR: ")
        End If

    End Sub

End Class

The example uses the books.xml file as input.

<bookstore xmlns="http://www.contoso.com/books">
  <book genre="autobiography" publicationdate="1981" ISBN="1-861003-11-0">
    <title>The Autobiography of Benjamin Franklin</title>
  <book genre="novel" publicationdate="1967" ISBN="0-201-63361-2">
    <title>The Confidence Man</title>
  <book genre="philosophy" publicationdate="1991" ISBN="1-861001-57-6">
    <title>The Gorgias</title>

The example uses the books.xsd file as an input.

<?xml version="1.0" encoding="utf-8"?>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://www.contoso.com/books" xmlns:xs="http://www.w3.org/2001/XMLSchema">
    <xs:element name="bookstore">
                <xs:element maxOccurs="unbounded" name="book">
                            <xs:element name="title" type="xs:string" />
                            <xs:element name="author">
                                        <xs:element minOccurs="0" name="name" type="xs:string" />
                                        <xs:element minOccurs="0" name="first-name" type="xs:string" />
                                        <xs:element minOccurs="0" name="last-name" type="xs:string" />
                            <xs:element name="price" type="xs:decimal" />
                        <xs:attribute name="genre" type="xs:string" use="required" />
                        <xs:attribute name="publicationdate" type="xs:unsignedShort" use="required" />
                        <xs:attribute name="ISBN" type="xs:string" use="required" />

.NET Framework
Available since 2.0
Return to top