From e77cedb03914d589462431d1d6675f8d7bc689ba Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Thu, 18 Aug 2022 17:52:44 +0000 Subject: [PATCH] Clean up xml finding from static-scan --- app/celery/process_sms_client_response_tasks.py | 10 +++++----- app/xml_schemas/__init__.py | 17 ++++++----------- requirements.in | 1 + requirements.txt | 2 ++ 4 files changed, 14 insertions(+), 16 deletions(-) diff --git a/app/celery/process_sms_client_response_tasks.py b/app/celery/process_sms_client_response_tasks.py index 3676fe72a..e7726f305 100644 --- a/app/celery/process_sms_client_response_tasks.py +++ b/app/celery/process_sms_client_response_tasks.py @@ -14,13 +14,13 @@ from app.notifications.notifications_ses_callback import ( check_and_queue_callback_task, ) -# sms_response_mapper = { -# 'MMG': get_mmg_responses, -# 'Firetext': get_firetext_responses, -# } +sms_response_mapper = { + # 'MMG': get_mmg_responses, + # 'Firetext': get_firetext_responses, +} -gUpdate with new providers") +# gUpdate with new providers") @notify_celery.task(bind=True, name="process-sms-client-response", max_retries=5, default_retry_delay=300) def process_sms_client_response(self, status, provider_reference, client_name, detailed_status_code=None): # validate reference diff --git a/app/xml_schemas/__init__.py b/app/xml_schemas/__init__.py index 8f02f994e..fc02965d0 100644 --- a/app/xml_schemas/__init__.py +++ b/app/xml_schemas/__init__.py @@ -1,6 +1,8 @@ from pathlib import Path -from lxml import etree +from defusedxml.lxml import fromstring +# there is no equivalent in defusedxml to validate a schema +from lxml.etree import XMLSchema # nosec B410 def validate_xml(document, schema_file_name): 
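Review bot: `sms_response_mapper` is now defined but empty, because both provider entries are still commented out inside the braces, so any lookup keyed on `client_name` in `process_sms_client_response` will miss for every provider. The function body lies outside this hunk, so how a miss is handled needs confirming there. The line `# gUpdate with new providers")` is a commented-out fragment of what looks like a broken statement and tells a reader nothing; I would replace it with `# TODO: register the current SMS providers in sms_response_mapper`.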
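Review bot: `defusedxml.lxml` is deprecated upstream as of defusedxml 0.7.0 and emits a DeprecationWarning on import, and this commit pins 0.7.1, so the new `from defusedxml.lxml import fromstring` ties the parser hardening to a module slated for removal. The comment added here explains why `XMLSchema` still comes from lxml but says nothing about that. I would add `# NOTE: defusedxml.lxml is deprecated upstream; re-check this import before bumping defusedxml` above the import, so the next dependency upgrade does not silently drop the protection or break the module.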
@@ -8,13 +10,6 @@ def validate_xml(document, schema_file_name): path = Path(__file__).resolve().parent / schema_file_name contents = path.read_text() - schema_root = etree.XML(contents.encode('utf-8')) - schema = etree.XMLSchema(schema_root) - parser = etree.XMLParser(schema=schema) - - try: - etree.fromstring(document, parser) - except etree.XMLSyntaxError: - return False - - return True + schema_root = fromstring(contents.encode('utf-8')) + schema = XMLSchema(schema_root) + return schema.validate(fromstring(document)) diff --git a/requirements.in b/requirements.in index ab9e25179..6f6ff71c5 100644 --- a/requirements.in +++ b/requirements.in @@ -22,6 +22,7 @@ SQLAlchemy==1.4.40 cachetools==5.1.0 beautifulsoup4==4.11.1 lxml==4.9.1 +defusedxml==0.7.1 Werkzeug==2.1.1 python-dotenv==0.20.0 diff --git a/requirements.txt b/requirements.txt index da30dafff..8003b54e1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -69,6 +69,8 @@ click-repl==0.2.0 # via celery colorama==0.4.4 # via awscli +defusedxml==0.7.1 + # via -r requirements.in deprecated==1.2.13 # via redis dnspython==2.2.1
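Review bot: Malformed input now raises out of `validate_xml` instead of returning False, because the rewritten body drops the `try`/`except etree.XMLSyntaxError` that used to wrap parsing of `document`. `schema.validate()` only reports schema violations and is reached after `fromstring(document)` has already parsed. The defusedxml wrapper can also raise its own exceptions (subclasses of `DefusedXmlException`), by default for documents that declare entities, so callers expecting a boolean would get an unhandled error on exactly the payloads this hardening targets. I would catch both and return False, importing `XMLSyntaxError` from `lxml.etree` and `DefusedXmlException` from `defusedxml`. The start of `validate_xml` is outside this hunk.

```python
    # … unchanged: schema file read and schema_root parsing …
    schema = XMLSchema(schema_root)
    try:
        parsed = fromstring(document)
    except (XMLSyntaxError, DefusedXmlException):
        # keep the boolean contract: unparseable or rejected input is invalid
        return False
    return schema.validate(parsed)
```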