Bug 791220 – xmllint and https support

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 791220 - xmllint and https support


Summary:	xmllint and https support


Status:	RESOLVED OBSOLETE

Product:	libxml2
Classification:	Platform
Component:	xmllint
Version:	git master
Hardware:	Other All

Importance:	Normal enhancement
Target Milestone:	---
Assigned To:	Daniel Veillard
QA Contact:

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2017-12-04 19:26 UTC by Shamal Faily
Modified:	2021-07-05 13:26 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Shamal Faily 2017-12-04 19:26:22 UTC

I'm conscious this issue was raised in Bug 147740, but I wanted to flag this again.  The recommendation at the time seemed to be to rely on http hosted DTDs or rely on locally hosted catalog files, but that may no longer be an option for some people.

The root cause of this issue seems to be a lack of user agent being set when HTTP GETing the DTD, so if this can be defined somewhere then this might be a 'quick win' for providing https support?

Comment 1 Shamal Faily 2017-12-04 19:29:37 UTC

Sorry, that should have been Bug Id 791220 not 147740.

Thanks for all your hard work supporting libxml2, xmllint and associated tools by the way :-)

Comment 2 Harald Welte 2018-03-17 14:01:40 UTC

Please note that even docbook.org is meanwhile responding with "301 permanently moved" to http requests, redirecting to https.

Yes, using a local catalog is a work-around particularly for the standard DTDs like docbook.org - but if you want to use something more recent than your distro ships, or custom DTDs, then that won't work.

I guess in 2018, it's not a fair assumption that all information online is available via plain HTTP any more :/

Also, the error message "Unknown IO error" could be improved.  I only manged to find out about this by strace-ing xmllint.

Comment 3 Vincent Lefevre 2018-05-30 17:00:59 UTC

The problem is in libxml2, not in xmllint itself (it also affects xsltproc).

Moreover, while a catalog could be used for DTD's as a workaround, this is practically impossible for entities in order to get the latest version.

As an example, https://gforge.inria.fr/scm/viewvc.php/mpfr/trunk/doc/faq.xsl?revision=12067&view=markup was no longer working, as mpfr.org now uses https with HSTS.

Comment 4 GNOME Infrastructure Team 2021-07-05 13:26:32 UTC

GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME/libxml2/-/issues/

Thank you for your understanding and your help.