Parsing Failure Mechanisms

[bauman]

Many separate entities appear to be implementing slightly different versions of the STIX specification. The data exported from the python-stix library importing to a python dictionary can be incomplete if the incoming XML is not 100% compliant with the python-stix implementation. Can the to_dict method be updated to either failover to the a more global tool (such as xmltodict) or at least have a mode where it throws an exception if the input XML appears to have additional information that the python-stix module cannot process?

[gtback]

If there are particular schema elements that are missing (and in common enough use), we should definitely add them.

I'm not sure the best way to handle the more generic failover case. All of the information from the XML should be available in the bindings objects, but these don't get translated into the "API" objects or dictionaries. If you know there's there, you can access them, but that's far from ideal. On the other hand, tools like xmltodict don't care at all about the schema or the expected content of the XML.

[bauman]

I am mainly concerned with small, but custom implementation specific wrappers that cause the parsing to fail. It is easy for me to "unwrap" these small customizations before passing to the python-stix library, but I'd rather not build unwrappers for everyone who needs to build one.

Perhaps the library could check the XML schemas, and if any schema is not at mitre.org, then the library could use its own parser, but then run once more with the global parser and check the diffs on the dictionary and maybe report on the difference.