processContents strict vs lax vs skip for xsd:any

Question

master.xsd:

<?xml version="1.0" encoding="UTF-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.gworks.cn/waf_profile"
    xmlns:tns="http://www.gworks.cn/waf_profile" elementFormDefault="qualified">
    <element name="profile">
        <complexType>
            <sequence>
                <element name="aspect">
                    <complexType>
                        <sequence minOccurs="1" >
                            <any processContents="strict" />
                        </sequence>
                        <attribute name="id" type="string" use="required"></attribute>
                        <attribute name="class" type="string" use="required"></attribute>
                        <attribute name="desc" type="string" use="optional"></attribute>
                    </complexType>
                </element>
            </sequence>
            <attribute name="name" type="string" use="required"></attribute>
        </complexType>
    </element>
</schema>

Can I write a XML file against this schema like this:

<?xml version="1.0" encoding="UTF-8"?>
<profile name="开发" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://www.gworks.cn/waf_profile"
    xsi:schemaLocation="http://www.gworks.cn/waf_profile http://www.gworks.cn/waf_profile.xsd">
    <aspect id="security" class="cn.gworks.waf.config.SecurityConfig" desc="安全配置">
        <security xsi:schemaLocation="http://www.gworks.cn/config_security http://www.gworks.cn/config_security.xsd">
            <authService impl="com.bgzchina.ccms.security.SSOAuthService" enabled="true">
                <certificate>
                    <field name="Token" isKey="true" />
                </certificate>
            </authService>
            <authService impl="com.bgzchina.ccms.security.NoAuthService" enabled="true">
                <certificate>
                    <field name="username" isKey="true" />
                </certificate>
            </authService>
        </security>
    </aspect>
</profile>

where the child element "security" has its own schema defined.

Answer 1

Because the XSD specifies

<any processContents="strict" />

in the content model of aspect, your XML is invalid due to processContents="strict", which requires that the XML processor must be able to obtain the XSD definition for, in this case, security and must be able to validate it.

If you change this to

<any processContents="lax" />

your XML will be valid, and if you come to define security in your XSD, the definition will be used during validation. (If the definition cannot be found, your document will still be considered to be valid.) This requires that the content be valid only if XML processor can find its definition.

If you change this to

<any processContents="skip" />

your XML will be valid and the XML processor will make no attempt to validate the children content under aspect (other than that requiring it to be some single element per the sequence constraint).

Notes:

• The default value for processContents is strict.
• See section 3.10.2 XML Representation of Wildcard Schema Components in the XSD Recommendation for more information.
• If you're wondering about how to bring another XSD into your master XSD, see xsd:import vs xsd:include.