ehnance script

righettod · righettod · commit 7d1ec842394f · 2025-11-07T09:26:59.000+01:00
diff --git a/scripts/identify-unrestricted-string-types-from-xsd-schema.py b/scripts/identify-unrestricted-string-types-from-xsd-schema.py
@@ -17,6 +17,7 @@
 STRICT_RESTRICTIONS_ACCEPTED = ["enumeration", "pattern"]
 STRICT_RESTRICTIONS_MAX_STRING_LENTGTH_ACCEPTED_AS_VALID_RESTRICTION = 20
 XSD_NS_PREFIX_IDENTIFICATION_REGEX = r'xmlns:([a-zA-Z0-9\-_]+)="http:\/\/www\.w3\.org\/2001\/XMLSchema"'
+DEBUG_MODE = False
 
 
 def local_name(name, delimiter="}"):
@@ -61,8 +62,8 @@ def has_restrictions(node, xsd_namespaces, xsd_namespace_prefix):
             for restriction_child_element in restriction_element:
                 lname = local_name(restriction_child_element.tag)
                 # For maxLength extract the constraints.
-                # Indeed if only 10 characters is allowed then it make
-                # harder to submit a malicious content
+                # Indeed if only 'STRICT_RESTRICTIONS_MAX_STRING_LENTGTH_ACCEPTED_AS_VALID_RESTRICTION' characters
+                # is allowed then it make harder to submit a malicious content
                 if lname == "maxLength":
                     lname += " " + restriction_child_element.get("value")
                 restriction_tags.append(lname)
@@ -86,6 +87,8 @@ def find_unrestricted_string_types(xsd_file, xsd_namespaces, xsd_namespace_prefi
             unrestricted_string_types.append(type_name)
         elif restrictions[0] and use_strict_mode and not has_strict_restrictions(restrictions[2]) and type_name not in unrestricted_string_types:
             unrestricted_string_types.append(type_name)
+        if DEBUG_MODE:
+            print(f"[{colored('DEBUG', 'cyan')}] {type_name} => {restrictions}")
     return unrestricted_string_types
 
 
@@ -94,7 +97,9 @@ def find_unrestricted_string_types(xsd_file, xsd_namespaces, xsd_namespace_prefi
     parser.add_argument("--file", action="store", dest="xsd_file_path", help="XSD file to analyze.", required=False)
     parser.add_argument("--folder", action="store", dest="xsd_files_base_folder", help="Folder containing a collection of XSD files to analyze.", required=False)
     parser.add_argument("--strict", action="store_true", dest="use_strict_mode", help=f"Only consider 'enumeration', 'pattern' and 'maxLength <= {STRICT_RESTRICTIONS_MAX_STRING_LENTGTH_ACCEPTED_AS_VALID_RESTRICTION}' as accepted restrictions.", required=False, default=False)
+    parser.add_argument("--debug", action="store_true", dest="use_debug_mode", help="Print verbose information during some phases for debugging purpose.", required=False, default=False)
     args = parser.parse_args()
+    DEBUG_MODE = args.use_debug_mode
     if args.xsd_file_path is None and args.xsd_files_base_folder is None:
         print("At least one processing mode must be specified!")
         sys.exit(-1)
