[xmlsec] xpath addressing

Matthias Jung matthias.jung at xtradyne.com
Tue Jul 1 02:17:18 PDT 2003

could you please explain to me what the intention of the xpath pattern 
is that will be added to the xpath expressions within xpath transforms?

See xpath .c:
static const char xpathPattern[] = "(//. | //@* | //namespace::*)[%s]";

I don't really understand what it expresses and it causes some problems.
I'm trying to select a node by addressing its complete path within the 
A simple expression would look like:
/*[local-name()='root' and namespace-uri()='uri']/*[local-name()='child' 
and namespace-uri()='uri']

Testing this expression with libxml's xpath test program the correct 
node is returned.
But enveloping this expression with the xpath pattern from above, the 
whole document is selected.
This causes signature validation failures because digests do not match 
anymore (the siganture is within the selected document).

In my eys the problem seems to be the squared brackets at the end of the 
pattern. Removing them the xpath test progarmm returns the correct node.
An example expression is: "(//. | //@* | 
//namespace::*)/*[local-name()='root'] ...."

Unfortunately my xpath expertise is not good enough to survey if this 
would conflict with other xpath statements.
So my questions are, what the patteren is used for and are the squared 
brackets really needed?



More information about the xmlsec mailing list