Xml External Entities in Restify with Firestore

An XML External Entity (XXE) injection occurs when an application processes XML input and allows an attacker to define external entities that are resolved during parsing. In a Restify service that accepts XML payloads and interacts with Google Cloud Firestore, the combination of XML parsing and Firestore data access can expose sensitive information or lead to server-side request forgery (SSRF) through the entity resolution process.

Consider a Restify endpoint that receives an XML document containing user-supplied values which are later used to construct a Firestore query. If the XML parser is configured to resolve external entities, an attacker can supply a malicious DOCTYPE declaration that defines an external entity pointing to a local or remote resource. When the parser expands the entity, the request may trigger an HTTP request from the server to the specified URI, potentially reaching internal metadata services or other internal endpoints. This SSRF vector is especially relevant when Firestore operations are performed based on the resolved entity data, as the application might inadvertently use attacker-controlled values in Firestore document paths or queries.

For example, an attacker could provide an XML payload that defines an entity referencing the instance metadata service (http://169.254.169.254). If the Restify application parses this XML and uses the retrieved data to build a Firestore document ID or a query filter, the SSRF can occur. Even if the immediate Firestore operation appears benign, the leakage of metadata service responses can expose project IDs, service account tokens, or other sensitive environment details that may be leveraged in further attacks.

In addition to SSRF, XXE can lead to sensitive file disclosure or remote code execution depending on the environment and parser settings. If the Restify application uses the parsed XML values to retrieve Firestore documents, an attacker might inject entity references to local files (e.g., /etc/passwd) and cause the parser to read and include those files in the resulting data passed to Firestore operations. This could expose configuration details, credentials, or other sensitive information that assists in compromising the system.

The risk is amplified when the Restify service uses default parser configurations that enable external entity resolution without explicit hardening. Without disabling external entity processing and external DTD loading in the XML parser, any Firestore interaction based on XML-derived inputs becomes a potential attack surface. Security checks in middleBrick’s XML-related validation tests would flag such misconfigurations and highlight the need to treat XML input as untrusted, especially when it influences backend data stores like Firestore.

To mitigate XXE in a Restify service that works with Firestore, you must configure the XML parser to disable external entity resolution and DTD processing. Below are concrete remediation steps and code examples that demonstrate how to secure the parser before using data in Firestore operations.

First, ensure your XML parsing library is configured to ignore external entities. For Node.js applications using the xmldom package, you can create a parser with secure features disabled:

const { DOMParser } = require('@xmldom/xmldom');
const parser = new DOMParser({
  errorHandler: {
    warning: warn => console.warn(warn),
    error: err => console.error(err),
    fatalError: err => console.error(err)
  },
  // Disable external entities and DTDs
  externalEntities: 'off',
  disableXmlResolver: true
});

const xmlString = req.body; // raw XML from request
const doc = parser.parseFromString(xmlString, 'text/xml');
// Continue processing doc safely, using only in-memory data

With this configuration, the parser will not resolve external entities or load external DTDs, effectively neutralizing XXE injection vectors. After parsing, extract only the necessary data and validate it before using it in Firestore operations.

When interacting with Firestore, use strict validation and avoid directly incorporating unvalidated XML content into document paths or queries. For example, if you expect a user identifier from the XML, validate it against a strict pattern and then use it as a document reference:

const admin = require('firebase-admin');
admin.initializeApp();
const db = admin.firestore();

async function getUserDocument(userId) {
  // Validate userId to allow only alphanumeric and underscores
  if (!/^[a-zA-Z0-9_]+$/.test(userId)) {
    throw new Error('Invalid user ID');
  }
  const docRef = db.collection('users').doc(userId);
  const doc = await docRef.get();
  if (!doc.exists) {
    throw new Error('User not found');
  }
  return doc.data();
}

This approach ensures that user input derived from XML is sanitized before it reaches Firestore, preventing unintended data access or injection through document identifiers.

Additionally, apply the principle of least privilege to the service account used by your Restify application. Restrict Firestore permissions to only the necessary read/write operations and collections. Combine this with environment-level protections such as VPC Service Controls to reduce the impact of any potential SSRF or data exposure that might bypass input validation.

For ongoing security, integrate middleBrick’s scans into your workflow. Use the CLI to run middlebrick scan <url> during development or incorporate the GitHub Action to fail builds if risky XML handling patterns are detected. The MCP Server can also be used to scan APIs directly from your IDE, providing early feedback on insecure XML parsing configurations before they reach production.