'//*[@xsi:type="helper"]', self::UPDATER_MODEL => '//updater', ]; /** * XSD Schemas for Layout Update validation * * @var array */ protected $_xsdSchemas; /** * @var \Magento\Framework\Config\DomFactory */ protected $_domConfigFactory; /** * @param \Magento\Framework\Config\DomFactory $domConfigFactory * @param \Magento\Framework\Config\Dom\UrnResolver $urnResolver */ public function __construct( \Magento\Framework\Config\DomFactory $domConfigFactory, UrnResolver $urnResolver ) { $this->_domConfigFactory = $domConfigFactory; $this->_initMessageTemplates(); $this->_xsdSchemas = [ self::LAYOUT_SCHEMA_PAGE_HANDLE => $urnResolver->getRealPath( 'urn:magento:framework:View/Layout/etc/page_layout.xsd' ), self::LAYOUT_SCHEMA_MERGED => $urnResolver->getRealPath( 'urn:magento:framework:View/Layout/etc/layout_merged.xsd' ), ]; } /** * Initialize messages templates with translating * * @return $this */ protected function _initMessageTemplates() { if (!$this->_messageTemplates) { $this->_messageTemplates = [ self::HELPER_ARGUMENT_TYPE => (string)new \Magento\Framework\Phrase( 'Helper arguments should not be used in custom layout updates.' ), self::UPDATER_MODEL => (string)new \Magento\Framework\Phrase( 'Updater model should not be used in custom layout updates.' ), self::XML_INVALID => (string)new \Magento\Framework\Phrase( 'Please correct the XML data and try again. %value%' ), ]; } return $this; } /** * Returns true if and only if $value meets the validation requirements * * If $value fails validation, then this method returns false, and * getMessages() will return an array of messages that explain why the * validation failed. * * @param string $value * @param string $schema * @param bool $isSecurityCheck * @return bool */ public function isValid($value, $schema = self::LAYOUT_SCHEMA_PAGE_HANDLE, $isSecurityCheck = true) { try { //wrap XML value in the "layout" and "handle" tags to make it validatable $value = '' . $value . ''; $this->_domConfigFactory->createDom(['xml' => $value, 'schemaFile' => $this->_xsdSchemas[$schema]]); if ($isSecurityCheck) { $value = new \Magento\Framework\Simplexml\Element($value); $value->registerXPathNamespace('xsi', self::XML_NAMESPACE_XSI); foreach ($this->_protectedExpressions as $key => $xpr) { if ($value->xpath($xpr)) { $this->_error($key); } } $errors = $this->getMessages(); if (!empty($errors)) { return false; } } } catch (\Magento\Framework\Config\Dom\ValidationException $e) { $this->_error(self::XML_INVALID, $e->getMessage()); return false; } catch (\Exception $e) { $this->_error(self::XML_INVALID); return false; } return true; } }