How to assign XML DTD entity to attribute value

Question

My XML:

<?xml version="1.0"?>
<!DOCTYPE Input [  
    <!ELEMENT Input ANY >
    <!ENTITY xxe SYSTEM "file:///c:/test.txt" >]>
<ExecutionParameters>
  <Inputs>
    <Input Name="Input1" Value="VALUE_OF_XXE"></Input>
  </Inputs>
</ExecutionParameters>

I want to pass xxe (content of test.txt file) to the VALUE_OF_XXE.

Answer 1

You cannot reference an external entity from an XML attribute value; this is not allowed:

<Input Name="Input1" Value="&xxe;"></Input>

Alternatives

1. Reference the external entity from an element value:

   <Input Name="Input1" Value="">&xxe;</Input>
   

2. Reference an internal entity from an attribute value:

    <!ENTITY xie "Some text here" >]>
   

See also

• Can I use variables in XML files?