How to parse invalid (bad / not well-formed) XML?

java xml xml-parsing xml-validation

26,806

Solution 1

That "XML" is worse than invalid – it's not well-formed; see Well Formed vs Valid XML.

An informal assessment of the predictability of the transgressions does not help. That textual data is not XML. No conformant XML tools or libraries can help you process it.

Options, most desirable first:

Have the provider fix the problem on their end. Demand well-formed XML. (Technically the phrase well-formed XML is redundant but may be useful for emphasis.)
Use a tolerant markup parser to cleanup the problem ahead of parsing as XML:
- Standalone: xmlstarlet has robust recovering and repair capabilities^{_{credit: RomanPerekhrest}}
```
xmlstarlet fo -o -R -H -D bad.xml 2>/dev/null
```
- Standalone and C/C++: HTML Tidy works with XML too. Taggle is a port of TagSoup to C++.
- Python: Beautiful Soup is Python-based. See notes in the Differences between parsers section. See also answers to this question for more suggestions for dealing with not-well-formed markup in Python, including especially lxml's recover=True option. See also this answer for how to use codecs.EncodedFile() to cleanup illegal characters.
- Java: TagSoup and JSoup focus on HTML. FilterInputStream can be used for preprocessing cleanup.
- .NET:
  - XmlReaderSettings.CheckCharacters can be disabled to get past illegal XML character problems.
  - @jdweng notes that XmlReaderSettings.ConformanceLevel can be set to ConformanceLevel.Fragment so that XmlReader can read XML Well-Formed Parsed Entities lacking a root element.
  - @jdweng also reports that XmlReader.ReadToFollowing() can sometimes be used to work-around XML syntactical issues, but note rule-breaking warning in #3 below.
  - Microsoft.Language.Xml.XMLParser is said to be “error-tolerant”.
- Go: Set Decoder.Strict to false as shown in this example by @chuckx.
- PHP: See DOMDocument::$recover and libxml_use_internal_errors(true). See nice example here.
- Ruby: Nokogiri supports “Gentle Well-Formedness”.
- R: See htmlTreeParse() for fault-tolerant markup parsing in R.
- Perl: See XML::Liberal, a "super liberal XML parser that parses broken XML."
Process the data as text manually using a text editor or programmatically using character/string functions. Doing this programmatically can range from tricky to impossible as what appears to be predictable often is not -- rule breaking is rarely bound by rules.
- For invalid character errors, use regex to remove/replace invalid characters:
  - PHP: preg_replace('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $s);
  - Ruby: string.tr("^\u{0009}\u{000a}\u{000d}\u{0020}-\u{D7FF}\u{E000‌}-\u{FFFD}", ' ')
  - JavaScript: inputStr.replace(/[^\x09\x0A\x0D\x20-\xFF\x85\xA0-\uD7FF\uE000-\uFDCF\uFDE0-\uFFFD]/gm, '')
- For ampersands, use regex to replace matches with &:^{_{credit: blhsin, demo}}
```
&(?!(?:#\d+|#x[0-9a-f]+|\w+);)
```

Note that the above regular expressions won't take comments or CDATA sections into account.

Solution 2

A standard XML parser will NEVER accept invalid XML, by design.

Your only option is to pre-process the input to remove the "predictably invalid" content, or wrap it in CDATA, prior to parsing it.

Solution 3

IMO these cases should be solved by using JSoup.

Below is a not-really answer for this specific case, but found this on the web (thanks to inuyasha82 on Coderwall). This code bit did inspire me for another similar problem while dealing with malformed XMLs, so I share it here.

Please do not edit what is below, as it is as it on the original website.

The XML format, requires to be valid a unique root element declared in the document. So for example a valid xml is:

<root>
     <element>...</element>
     <element>...</element>
</root>

But if you have a document like:

<element>...</element>
<element>...</element>
<element>...</element>
<element>...</element>

This will be considered a malformed XML, so many xml parsers just throw an Exception complaining about no root element. Etc.

In this example there is a solution on how to solve that problem and succesfully parse the malformed xml above.

Basically what we will do is to add programmatically a root element.

So first of all you have to open the resource that contains your "malformed" xml (i. e. a file):

File file = new File(pathtofile);

Then open a FileInputStream:

FileInputStream fis = new FileInputStream(file);

If we try to parse this stream with any XML library at that point we will raise the malformed document Exception.

Now we create a list of InputStream objects with three lements:

A ByteIputStream element that contains the string: "" Our FileInputStream A ByteInputStream with the string: "" So the code is:

List<InputStream> streams = 
    Arrays.asList(
        new ByteArrayInputStream("<root>".getBytes()),
    fis,
    new ByteArrayInputStream("</root>".getBytes()));

Now using a SequenceInputStream, we create a container for the List created above:

InputStream cntr = 
new SequenceInputStream(Collections.enumeration(str));

Now we can use any XML Parser library, on the cntr, and it will be parsed without any problem. (Checked with Stax library);

Solution 4

The accepted answer is good advice, and contains very useful links.

I'd like to add that this, and many other cases of not-wellformed and/or DTD-invalid XML can be repaired using SGML, the ISO-standardized superset of HTML and XML. In your case, what works is to declare the bogus THIS-IS-PART-OF-DESCRIPTION element as SGML empty element and then use eg. the osx program (part of the OpenSP/OpenJade SGML package) to convert it to XML. For example, if you supply the following to osx

<!DOCTYPE xml [
  <!ELEMENT xml - - ANY>
  <!ELEMENT description - - ANY>
  <!ELEMENT THIS-IS-PART-OF-DESCRIPTION -  - EMPTY>
]>
<xml>
  <description>blah blah
    <THIS-IS-PART-OF-DESCRIPTION>
  </description>
</xml>

it will output well-formed XML for further processing with the XML tools of your choice.

Note, however, that your example snippet has another problem in that element names starting with the letters xml or XML or Xml etc. are reserved in XML, and won't be accepted by conforming XML parsers.

View more solutions

26,806

jvhashe

Updated on July 12, 2022

Comments

jvhashe almost 2 years
Currently, I'm working on a feature that involves parsing XML that we receive from another product. I decided to run some tests against some actual customer data, and it looks like the other product is allowing input from users that should be considered invalid. Anyways, I still have to try and figure out a way to parse it. We're using javax.xml.parsers.DocumentBuilder and I'm getting an error on input that looks like the following.
```
<xml>
  ...
  <description>Example:Description:<THIS-IS-PART-OF-DESCRIPTION></description>
  ...
</xml>
```
As you can tell, the description has what appears to be an invalid tag inside of it (<THIS-IS-PART-OF-DESCRIPTION>). Now, this description tag is known to be a leaf tag and shouldn't have any nested tags inside of it. Regardless, this is still an issue and yields an exception on DocumentBuilder.parse(...)

I know this is invalid XML, but it's predictably invalid. Any ideas on a way to parse such input?
- Makoto almost 7 years
  
  Invalid XML really isn't XML, though. Parsers exist which expect XML to be valid, and it's not a leap to expect that, either; it's not like DOM which can be entirely invalid.
- Compass almost 7 years
  
  From a design standpoint, it should be the provider's responsibility to correct malformed XML, and not the consumer's responsibility to handle malformed XML.
- Lew Bloch almost 7 years
  
  The XML can't be tested for validity because it is not well formed. "Valid" means that the document conforms to a schema or DTD, but if a document isn't even well-formed XML then the question of validity cannot even be asked. The proper thing for your code to do is to reject the bad input. Silently ignoring such egregious errors is a recipe for worse bugs.
- vtd-xml-author almost 7 years
  
  you can use shell script or interpreted language like perl to patch up the errors to make it valid.
Lew Bloch almost 7 years

"A standard XML parser will NEVER accept invalid XML", nor will it accept supposed XML that isn't well formed.
jvhashe almost 7 years

Yeah, I was thinking these might be the only options, but I wanted to see if there were any other solutions first. Thanks for the input.
lab9 almost 4 years

Adressing the regular expression for ampersands: The following regex will also treat comments and CDATA sections correctly: /&(?!(?:#\d+|#x[0-9a-fA-F]+|\w+);)(?!(?:(?!<!\[CDATA\[|\]\]>‌).)*\]\]>)(?!(?:(?!<‌!--|-->).)*-->)/g